Privacy Policy

1. Zásady používání internetových stránek a ochrana osobních údajů poskytovaných pro používání internetových stránek společnosti EOS KSI Česká republika, s.r.o. („Společnost“)

Níže vás Společnost informuje o způsobu, jakým jsou shromažďovány, používány a chráněny informace, které můžete Společnosti při používání jejích internetových stránek nebo jejich prostřednictvím poskytnout. Před vyplněním jakýchkoli informací v rámci tohoto webu si, prosím, níže uvedené informace pečlivě prostudujte.

Přesnost údajů

Přes veškeré pokusy o zajištění korektnosti, aktuálnosti a přesnosti informací uvedených na internetových stránkách Společnosti nemůže Společnost ani společnosti tvořící s ní koncern zaručit korektnost, přesnost a aktuálnost žádné z informací. Za žádných okolností nebude Společnost nebo její partneři zodpovědní za přímé nebo nepřímé škody nebo následky používání nebo spoléhání se na informace uvedené na internetových stránkách Společnosti.

  • The privacy policy applies to data processing by:

    Company details:    EOS KSI Czech Republic, s.r.o.
    ICQ:                         251 17 483
    Registered office:    Praha 4, Novodvorská 994/138, PSČ 142 00
    Entry in the
    commercial register:    Municipal Court of Prague, Department C, entry 51150

    Contact person:
     
    Jiří Kašpar Macek
    E-mail: ochrana.soukromi@eos-ksi.cz
    Tel.:    + 420 241 081 213 (weekdays 9:00 a.m. – 4:00 p.m.)

    The data protection officer for the company EOS KSI Czech Republic can be contacted at the above address.

  • This privacy policy applies to the collection of personal data on our website and the subsequent processing of these data by us.

    This privacy policy further serves towards provision of information pursuant to Articles 13 and 14 of the GDPR for data processing outside the scope of collection via this website. As such we will provide you with separate privacy policies for specific data processing activities on a case-by-case basis.

     

  • This privacy policy does not apply to data processed by the other companies of EOS Group. This is also the case if these other companies of EOS Group along with their contacts are named on our website and/or their services are shown on our website.

    The other companies of EOS Group will provide you with separate privacy policies for specific data processing activities on a case-by-case basis.

  • a. When you visit the website

    When you retrieve our website eos-globalcollection.com the browser used on your device automatically sends information to our website’s server. This information is temporarily saved in a log file. The following information is collected without your intervention and saved until it is automatically deleted after three (3) days:

    • IP address of retrieving computer,
    • date and time of access,
    • name and URL of retrieved file,
    •  website from which access occurred (referrer URL),
    • website retrieved from our website,
    • your computer’s browser and possibly operating system as well as name of your access provider.

    The aforementioned data are processed by us for the following purposes:

    • to ensure trouble-free connection establishment to the website,
    • to ensure comfortable use of our website,
    • to analyse the system security and stability, and
    • for other administrative purposes.

    The legal basis for processing of the data is Art. 6(1) Sent. 1 (f) of the GDPR. Our legitimate interest follows from the purposes for data collection listed above. Under no circumstances do we use the collected data for the purpose of drawing conclusions about you.
    Beyond that we use cookies and analysis services when you visit our website. More detailed information about this can be found in sections 4 and 5 of this privacy policy.

    b. When you contact us by email
    You can contact us with questions of any kind via the provided email address(es).
    If you do so the personal data transmitted via the email are saved. The legal basis for data processing for the purpose of making contact is Art. 6(1)(f) of the GDPR. If contact is made for the purpose of concluding a contract an additional legal basis for processing is Art. (6)(1)(b) of the GDPR.

    We delete the personal data collected by us after processing your enquiry provided we are not legally entitled or obligated to process it further.

    b. Když nás kontaktujete e-mailem

    Na uvedené e-mailové adrese nás můžete kontaktovat s dotazy jakéhokoli druhu.

    Když tak učiníte, budou uloženy osobní údaje, které prostřednictvím e-mailu předáte. Právním základem zpracování údajů pro účely kontaktu je čl. 6 odst. 1 písm. f) GDPR. Pokud je účelem kontaktu uzavření smlouvy, dalším právním základem zpracování je čl. 6 odst. 1 písm. b) GDPR.

    Osobní údaje, které shromáždíme, po zpracování vašeho požadavku odstraníme, pokud již nejsme ze zákona oprávněni či povinni je dále zpracovávat.

  • We only pass your personal data on to other companies of EOS Group or other third parties (recipients) if:

    • you have provided your explicit consent for one or more specific purposes pursuant to Art. 6(1) Sent. 1 (a) of the GDPR,
    • disclosure pursuant to Art. 6(1) Sent. 1 (f) of the GDPR is necessary for the assertion, exercising or defence of legal claims and there is no reason to assume that you have a primary protection-worthy interest in not having your data disclosed,
    • for the case that there is a legal obligation for disclosure pursuant to Art. 6(1) Sent. 1 (c) of the GDPR and
    • it is legally permissible and necessary for fulfilment of contractual obligations pursuant to Art. 6(1) Sent. 1 (b) of the GDPR.
    • we have the data processed on our behalf in compliance with Art. 28 of the GDPR.

    Transmission of your personal data for purposes other than those listed above does not occur.

  • We use cookies on our website. Cookies are small files that are automatically created by your browser and stored on your device (laptop, tablet, smartphone or similar) when you visit our website. Cookies do not harm your device and contain no viruses, Trojan horses or other malware.

    Data respectively yielded from the combination with the specific device used are saved in the cookie. However, this does not mean that we immediately become aware of your identity through this.

    For one thing, use of cookies serves to make our offering more pleasant for you to use. To that end we use so-called session cookies to detect whether you have already visited individual pages on our website. They are automatically deleted when you leave our website.

    We also use temporary cookies that are stored on your device for a specified time period to improve usability. If you visit our website again to use our services you are automatically recognised as a repeat visitor and the entries and settings you made previously are automatically recognised so you do not have to make them again.

    We also use cookies to collect statistics on the use of our website and analyse them for the purpose of optimising our offering for you (see section 5). With these cookies we can automatically recognise that you are a repeat visitor when you visit our website again. These cookies are deleted at the end of the session.

    The data processed by cookies are necessary for the purposes mentioned for safeguarding our legitimate interests as well as the legitimate interests of third parties pursuant to Art. 6(1) Sent. 1 (f) of the GDPR.

    Most browsers accept cookies automatically, but you can configure your browser to prevent cookies being stored on your computer or to display a notice before a new cookie is saved. If you completely deactivate cookies, you may not be able to use all the features of our website.

  • Usage Siteimprove Analytics

    This website uses Siteimprove Analytics, a web analytics service provided by Siteimprove. Siteimprove Analytics uses „cookies“, which are text files placed on your computer, to help EOS Holding GmbH (EOS) analyze how visitors use the site. The information generated by the cookies about the visitors’ use of the website will be stored and processed by Siteimprove on servers in Denmark.

    IP addresses are anonymized irreversibly before data is made available in the Siteimprove Analytics or Intelligence Suite for EOS.

    EOS will use this information for evaluating the visitors’ use of the website, compiling reports on website activity, and ultimately for improving the website experience for its visitors. Siteimprove will not transmit this information to third parties or use it for any marketing or advertising purposes.

    These are the cookies used by Siteimprove on this website:

    Cookie name: nmstat Type: Persistent - expires after 1000 days

    This cookie is used to help record visitors' use of the website. It is used to collect statistics about site usage such as when the visitor last visited the site. The cookie contains no personal information and is used only for web analytics.

    Cookie name: siteimproveses Type: Session cookie

    About: This cookie is used purely to track the sequence of pages a visitor looks at during a visit to the site.
    By using this website, the visitor consents to the processing of data about him/her by Siteimprove in the manner and for the purposes set out above.

    You can prevent the collection of your data by Siteimprove Analytics by clicking the following link. An Opt-Out-Cookie will be set that will prevent future collection of your data when visiting this website:

  • 1. Shariff solution
    We use Shariff buttons from social networks Facebook, Twitter, Google+, LinkedIn, Xing on our website. The buttons are simple HTML links. The procedure we use is within the framework of the Shariff solution. With the Shariff solution a script retrieves the number of times, e.g., the share button on a page has been clicked on: for this the script contacts the social network via the programming interfaces and retrieves the numbers. None of your personal data are transmitted in the process. Rather than your IP address, only our server address is transmitted to Facebook, Google and Twitter. You only become directly connected to Facebook, Google or Twitter if you perform an action. Before that the social networks cannot collect any data about you. As long as you do not click on a link to share content, you remain invisible to the networks. If you click on a link, the obligation to provide information about data collection and processing no longer rests with us, but rather with the operator of the social network.

  • You have the right:

    • pursuant to Art. 15 of the GDPR to request information about your personal data processed by us, in particular about the purposes for processing, the personal data category, the categories of the recipients to whom your data have been or will be disclosed, the planned retention duration, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if they were not collected by us and the existence of automated decision-making including profiling and if applicable meaningful information about their details;
    • pursuant to Art. 16 of the GDPR to demand the immediate rectification of incorrect or completion of the personal data saved by us about you;
    • pursuant to Art. 17 of the GDPR to demand the erasure of the personal data saved by us about you as long as processing is not necessary for exercising of the right to freedom of expression and information, for fulfilment of a legal obligation, for reasons of public interest or for assertion, exercising or defence of legal claims;
    • pursuant to Art. 18 of the GDPR to demand the restriction of processing of your personal data as long as the accuracy of the data is questioned by you and processing is unlawful, but you reject their erasure and we no longer need the data, but you require them for assertion, exercising or defence of legal claims or you have filed an objection to the processing in accordance with Art. 21 of the GDPR;
    • pursuant to Art. 20 of the GDPR to demand receipt in a structured, standard and machine-readable format of your personal data which you provided to us or transmission to another responsible party;
    • pursuant to Art. 7(3) of the GDPR to withdraw the consent you previously granted us at any time. This has the consequence that we may not continue the data processing upon which this consent was based in the future and
    • pursuant to Art. 77 of the GDPR to file a complaint with a supervisory authority. Usually you can contact the supervisory authority in your usual place of residence or workplace or our headquarters.
  • If your personal data are processed on the basis of legitimate interests in accordance with Art. 6(1) Sent. 1 (f) of the GDPR you have the right pursuant to Art. 21 of the GDPR to object to the processing of your personal data as long as there are reasons arising from your particular situation for this or the objection is directed to direct advertising. In the latter case you have a general objection right which will be implemented by us without statement of any particular situation.
    If you would like to make use of your right to withdraw or reject you only need to send an email to ochrana.soukromi@eos-ksi.cz

  • Within the website visit we use the widespread SSL (secure socket layer) method in conjunction with the highest level of encryption supported by your browser. In general this is 256-bit encryption. If your browser does not support 256-bit encryption, we fall back on 128-bit v3 technology instead. You can recognise that an individual webpage in our internet presence is being transmitted in encrypted form by the closed key or padlock icon in the bottom status bar of your browser.

    We also take suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are being improved continuously according to technological developments.

  • This privacy policy is currently valid and was last updated in August 2018.
    It may be necessary to change this privacy policy due to improvements in our website and the offerings via our website or due to changed legal or official requirements. The current privacy policy can be retrieved from our website at eos-ksi.cz and printed out at any time.

     

Personal Data Protection at EOS KSI Czech Republic, s.r.o. (“Company”)

The Company handles personal data in accordance with the applicable legal regulations exclusively. The information below will guide you with the principles governing the Company's personal data protection. 

As the Company primarily provides its customers with debt collection services for their debtors, the Company comes into contact with the personal data of debtors - natural persons ("data subjects") handed over by the customers as the processors of personal data. The principles of processing of personal data are bindingly regulated between each customer and the Company under an agreement on the processing of personal data. During the processing itself, the Company always follows the instructions of individual customers, as personal data managers, in such cases.

In other cases - especially as regards the recovery of claims of the Company, if it is expressly agreed with another administrator or as a result of the circumstances of processing - the Company acts as the controller of the personal data of the data subjects, i.e. in particular decides on the purpose and means of processing the relevant personal data.

Special cases of personal data processing by the Company involving the personal data of job seekers in the Company or about cooperation with the Company, employees of the Company and external associates of the Company are governed by separate principles for processing of personal data. 

These terms and conditions set out the rights and obligations of the Company when it is in the position of a personal data controller in relation to data subjects. If the Company is solely a personal data processor, the processing of personal data is subject to the rights and obligations set out in the privacy policy of the respective customer, creditor and you may contact your creditor directly in such an event. In such a case, the Company acts only as the contact point of the customer - administrator - in connection with the personal data that the customer has handed over to the Company.

  • Information about the administrator / processor of personal data:

    Company details:    EOS KSI Czech Republic, s.r.o.
    ICQ:                     251 17 483
    Registered office:    Praha 4, Novodvorská 994/138, PSČ 142 00
    Entry in the
    commercial register:    Municipal Court of Prague, Department C, entry 51150

    Contact person:
     
    Jiří Kašpar Macek
    E-mail: ochrana.soukromi@eos-ksi.cz
    tel.:    + 420 241 081 213 (weekdays 9:00 a.m. – 4:00 p.m.)

  • 2. Purposes of processing of personal data

    If the Company acts as a personal data controller (i.e. the Company is the creditor of the claim to which your personal data relates), the purpose of the processing is given by (i) the recovery of claims, (ii) the performance of the Company's obligations under agreements entered into or special legal provisions or (iii) by ensuring the protection of the rights and the legitimate interests of the Company and / or third parties.

    On the basis of the above, the Company will generally not need the consent of the data subject to process such personal data. The consent of the data subject will be required by the Company if part of the processing of personal data is, in particular, a summary solution of multiple debtors (data subjects) that do not have the same creditor.

    For the sake of completeness, the Company states that if the Company acts as a processor of personal data, it derives the purpose of processing personal data from that designated by the processor (i.e. the creditor of the claim) and which is always included in the relevant processing agreement. As a rule, in these cases, the processing of personal data is the purpose of recovering claims.

  • 3. Legal basis for processing personal data

    The legal basis for processing your personal data is Article 6(1)a) [your consent], (b) [performance of the agreement or negotiation before its conclusion] or (f) [legitimate interests of the Company] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation). The legal basis for processing your personal data (identification, contact and credit rating data) also follows from the below laws: 

    (a)  Act No. 634/1992 Coll., on Consumer Protection (this act regulates credit registers);

    (b)  Act No. 257/2016 Coll., on Consumer Credit (this act regulates the rights and obligations in the provision and mediation of consumer credit);

    (c) Act No. 253/2008 Coll., on Certain Measures against the Legalisation of Proceeds from Crimes (this act imposes an obligation to carry out the identification and control of certain persons);

    (d)   Act No. 69/2006 Coll., on the Implementation of International Sanctions (this act imposes an obligation to verify that certain persons are not subject to international sanctions); or

    (e)  Act No. 499/2004 Coll., on Archiving and Filing Service (this act imposes the obligation to store and archive certain documents).

  • In some cases, the Company processes your personal data to ensure the protection of both its own and third-party rights and legitimate interests. Such processing is authorised by the Company without your consent; however, the scope of the grounds for the Company to legitimise this type of processing is limited. The Company always carefully reviews the existence of a legitimate interest.

    Examples of processing personal data as a legitimate interest:

    (a) Preparation of documentation relating to the processing of your personal data that is necessary and essential for the creation of such documentation;
     
    (b) Management of relationships with debtors and clients of the Company - performing all legal actions and deeds relating to the management of your debt or solving your claims, wishes, complaints, etc.;
     
    (c) Reporting, notification and confirmation used to manage your debt;
     
    (d) Reporting and generating analytical models based on aggregated and anonymised personal data and sharing with parent companies (EOS Holding GmbH and EOS International Beteiligungs-Verwaltungsgesellschaft mbH)
     
    (e) Analysing your data for:

    (i) Setting appropriate parameters for instalments and other agreements;
     
    (ii) Assessing your credit rating;
     
    (iii) Prevention and detection of fraud, prevention of non-compliance;
     
    (iv) Prevention of money laundering, terrorist financing, compliance with embargoes;
     
    (v) Compliance with the Company's statutory obligations vis-à-vis public authorities, in particular regulators;
     
    (vi) Testing changes to the Company's software; or
     
    (vii) Processing analyses of aggregated (and anonymised) data for historical and statistical purposes.

     

  • The Company, as a process, processes the following categories of personal data:

    Identification data - name, surname, title, birth number or date of birth, permanent address, ID number (identity card, passport number or similar document), signature - business entity's physical identification number and company ID. 

    Contact details - primarily contact address, telephone number, e-mail address and similar information. 

    Credit rating (ability to pay back) and reputational data - personal data necessary for the Company to, in particular, provide or broker a consumer loan without undue legal or material risk or to effectively exercise or defend its rights and obligations. The nature and extent of this personal data depends on the nature of the situation for which the processing of such personal data is required.

    Data on your debt, number of transactions, insolvency proceedings and communication with the Company - data on your debts recovered by the Company and related communication (e.g. actual and historical statements of debt recovered, telephone call records, records of other communications), data on the number of enforcement proceedings or insolvency proceedings) against you.

    Special categories of personal data - healthcare data is processed only in specific situations, and only with your consent.

    As a processor, the Company always processes your personal data that is transmitted to it by the processor (i.e. the creditor of the claim).

  • Personal data available to the Company is processed and stored within the Company. If the processing of your personal data is based on your consent or legitimate interest of the Company, personal data may also be processed by some of the Company's suppliers. Suppliers who cooperate with the Company are carefully selected, in particular, on the basis of safeguards to ensure the technical and organisational protection of personal data transmitted to us. Personal data may only be processed for the Company by the processors under an agreement on the processing of personal data. The Company may, in the above sense, provide personal data to the following beneficiaries for legitimate purposes:

    (a) to companies operating within the Company's group (EOS Holding GmbH (Reg. HRB 124966) and EOS International Beteiligungs-Verwaltungsgesellschaft mbH (HRB 37437));

    (b) suppliers for performing the agreement and protect the rights and legitimate interests of the Company or of a third party;

    (c) providers of postal and communications and electronic communications services;

    (d) non-bank registers in order to comply with the responsible lending obligation;

    (e) law firms for the purpose of recovering claims under credit agreements;

    (f) executors and auctioneers for the purpose of applying the related claims; or

    (g) to the regulator to oversee the Company's activities.

  • The Company is authorised to hand over your personal data in legitimate cases to processing outside of the Czech Republic. However, the transfer of personal data always takes place in accordance with the legal requirements and the protection of your personal data is ensured in any event. In particular, this may be the case where, in view of the debtor's domicile and the relevant European legislation, the claim is to be enforced in the country in which the debtor is domiciled.

  • Your personal data will only be retained by the Company for the necessary period of time and will be archived in accordance with statutory deadlines imposed by law.

    The Company processes personal data as (i) the processor for as long as the processing agreement with the relevant administrator permits; or (ii) the processor for the duration of the contractual relationship, the existence of a debt or other legal reason that allows the Company to process personal data. The Company has strict internal rules that verify the lawfulness of the possession of personal data; the Company shall not archive personal data for longer than authorised.

    Once the legitimate reason for processing personal data no longer applies, the Company shall immediately erase it.

    Personal data processed by the Company with your consent shall only remain for the duration of the purpose for which consent was granted.

  • The company processes your personal data the transparently, correctly and in compliance with all applicable legal regulations.

    At the same time, however, you have the right to contact the Company at any time to obtain information about the procedure of processing your personal data or for the purpose of exercising the rights listed below that are related to personal data.

    Right to access personal data – You have the right to request information about the personal data that the Company processes about you.

    Right to correction of personal data – If you believe that the personal data processed by the Company is inaccurate or incomplete, you have the right to request it being updated or supplemented.

    Right to the deletion of personal data (right to “be forgotten”) – You have the right to request the deletion of your personal data if (i) it is not necessary for the purpose for which it was processed, (ii) you have withdrawn consent to its processing, (iii) was processed unlawfully, (iv) must be erased to comply with a legal obligation, or (v) has been collected in connection with the provision of information company services.

    Right to limit the processing of personal data – You have the right to request restrictions to processing if (i) you refute the accuracy of your personal data, (ii) the processing of your personal data is unlawful but you refuse to erase such personal data, (iii) you request that the Company can process your selected personal data, or (iv) you have objected to the processing and it is unclear whether the Company's legitimate interest in doing so (for example, in connection with the asserting of a claim in court with which the Company has processed your personal data) it shall take precedence over your legitimate interests.

    Right to data portability – In the case of automated processing of personal data under an agreement or consent that you have granted to the Company, you are entitled to the so-called portability of this data, which will be provided to you in a structured, commonly used and machine-readable format.

    Right to object to the processing of personal data – You may at any time object to the processing of the personal data, including profiling, which the Company processes for legitimate interest.

    Right to withdraw consent to the processing of personal data – If you have given the Company permission to process your personal data for purposes requiring consent, you have the right to revoke your consent at any time. The processing of personal data that occurred prior to the withdrawal of consent or which occurs after withdrawal of consent is lawful, unless the Company has another reason for processing such personal data.

    Exercising your rights at the Company

    To exercise your above rights, you may contact the Company in writing, by e-mail or by telephone (see above). We will respond to your requests regarding the exercising of your rights without undue delay, but no later than within 30 days of receipt of your request. However, the Company will be able to extend the deadline by another two months, if necessary. The Company shall always inform you of such an extension, including the Company's reasons for doing so. The Company shall conduct its communication in the way started at your end unless you specify another preferred way.

    Right to file a complaint with the supervisory authority

    If you believe that your privacy has been violated by the Company, you have the right to file a complaint with the supervisory authority, the Personal Data Protection Authority (address: Pplk. Sochora 27, 170 00 Prague 7, tel: +420 234 665 111).