Principles Regarding Personal Data Processing and Protection

1. Objective of the Document and Personal Data Protection

The websites you are now browsing are administered by the KOMA MODULAR s.r.o. company (hereinafter referred to as “the Company“). In our Company we care for the protection of your personal data in accordance with the valid and effective legislation which is especially constituted by the Regulation (EU) No. 2016/679 (the General Data Protection Regulation, in short GDPR“) since 25 May 2018, in the Czech Republic being accompanied by a law on personal data processing.

This part of the web sites contains information how we process your personal data. This processing may differ in dependence on your attitude to the Company (e. g. if you are a supplier, a client, a visitor, or a job seeker).

2. Personal Data Controller

The controller of personal data in the sense of the national and European legislation is:


Říčanská 1191

763 12 Vizovice

Czech Republic

Org. No. 46966170

(hereinafter referred to as “the Company“). If you have any question regarding the processing and the protection of your personal data, you can contact us by e-mail at the address of info@koma-modular.cz or by phone at the phone number +420 577 007 711.

3. Categories of Personal Data

Within the scope of activities of the Company we process various categories of personal data. The largest part of personal data we process about our customers, suppliers, or third parties we administer in connection with offers, providing and securing our services and the supply of products. It concerns especially following categories:

  • Address and identification data (e. g. name, surname, date of birth)
  • Contact data (e. g. phone, postal address, e-mail address);
  • Description data incl. image information
  • Data about other person

4. Purposes of Data Processing

We process personal data especially for the below named purposes:

1. Performance of commercial activities and activities arising out of or in relating to these commercial activities. The fulfilment of these activities involves:

  • Negotiations on contractual relationship relating – except a contract conclusion – also preparation of calculations, quotations, and proposals of solutions;
  • Detection of customer’s needs;
  • Administration of contracts and termination of contracts;
  • Performance of obligations from the contract and providing of services;

2. Fulfilment of requirements of state or other authorities and fulfilment of statutory duties arising out of or in relating to the legal provisions;

3. Protection of rights and legitimate interests pursued by the Company protected by the law;

4. Inner administrative needs of the Company;

5. Commencement, administration, and termination of relations with intermediaries and commercial partners;

6. Offering of own services (direct marketing);

7. Addressing potential clients;

8. Transferring personal data to external companies for marketing purposes;

9. Copying of documents for administration of contract relations with suppliers;

10. Processing of image information for presentation purposes via web sites of the Company;

11. Protection of material and immaterial assets.

5. Legal Grounds for the Processing

The Company always processes such requested and obtained personal data for restricted purposes of the processing only and on the basis of relevant legitimate grounds of the processing, especially if

  • processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (Art. 6 (1) lit b GDPR);
  • processing is necessary for compliance with a legal obligation to which the controller is subject (Art. 6 (1) lit c GDPR);
  • processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child (Art. 6 (1) lit f GDPR);
  • the data subject has given consent to the processing of his or her personal data for one or more specific purposes (Art. 6 (1) lit a GDPR).

Processing necessary for legitimate purposes

The Company processes personal data for legitimate purposes, namely for:

  • Processing of data of non-contracting parties – on this legal ground the Company processes personal data of persons who are not contracting parties. They are especially contact and other persons whose personal data are necessary for the performance of contracting activities.
  • Marketing activities and sending commercial messages, if a condition is fulfilled that the data subject can reasonably expect such processing in respect of circumstances. Direct marketing involves offering of Company’s products to the existing customers.
  • Protection of material and immaterial assets of the Company and security of persons – this involves processing with the help of camera systems and systems of physical and IT security incl. visitor registration at the entrance of our buildings.
  • Processing for presentation purposes with the help of Company’s websites, this involves image information from the cooperation with commercial corporations we cooperate with.

Processing based on the consent of the data subject

The Company asks for the consent for personal data processing especially for:

  • Sending commercial messages
  • Copying personal documents for administration of contractual relationship with suppliers

6. Sharing Personal Data

We use all the personal data obtained from the customers and third parties for internal needs of the Company exclusively, we protect them against misuse and do not provide them to third parties without a prior notification or consent.

An exception from the above stated is constituted by external companies that ensure support services, control and audit companies, providers of services necessary for the performance of our activities (administrative activities, payroll agenda, archiving, legal consultancy, administration of receivables) and authorities of state and local government.

We request from all these providers by a contract (except authorities of state and local government) to process your personal data in accordance with conditions of the personal data protection and the valid legislation.

We process personal data only within the European Union so to be ensured their security and a relevant protection.

7. For What Period We Process Personal Data

We process and keep personal data of customers and third parties for the time reasonable necessary for ensuring all rights and obligations arising out of or in relating to a contract, and also for a period we are obliged to keep the personal data in accordance with generally binding legal provisions.

Personal data obtained on the basis of a free consent are processed till the withdrawal of this consent.

8. Your Rights

In connection with the processing of personal data you have right we:

  • Upon your request, provide you information which personal data we process, and other information about this processing incl. a copy of the processed personal data (the so called right of access to personal data);
  • Upon your request, rectify or complete your personal data;
  • Erase your personal data from our systems if:
    • We do not need them for next processing any more,
    • You have withdrawn your consent to their processing,
    • You rightfully raised objection against their processing,
    • Personal data were processed unlawfully, or
    • Personal data have to be erased according to legal provisions;
  • Restrict processing of your personal data (e. g. if you argue the processing is unlawful and we check the truthfulness of such argument, or for a period until your objection against the processing is solved);
  • On the basis of the withdrawal of your consent, stop processing your personal data which you have given us your consent for processing to.

Furthermore you have a right to raise an objection against processing your personal data.

If you want to apply each of these rights, please contact us on the above named e-mail or the correspondence address.

We will also inform you about an eventual breach of security of your personal data if such breach constitutes a high risk for your rights and obligations.

You have a right to apply with your complaint or suggestion to The Office for Personal Data Protection, contact address: Pplk. Sochora 27, 170 00 Praha 7, e-mail: posta@uoou.cz, data ebox: qkbaa2n