It seems that you are using a browser that does not support today's standard for displaying web content. This may cause some parts of the website to not function properly. We recommend that you update your browser or download one that meets today's standard.

Update

Cookie settings

Cookies are small browser files that allow us to temporarily store information about your device and you, as a user, exclusively while you are browsing the LICON website. These files help us obtain information about traffic and user behavior, based on which we continuously improve the website.

Privacy policy

Privacy policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA IN LICON s.r.o.

Dear customers, business partners, website visitors and job applicants, this document informs you about the conditions and circumstances of the processing of your personal data in our company, about the safeguarding of personal data, and about your rights related to the processing of such data.

When processing your personal data, we ensure compliance with European Union law, in particular with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation, hereinafter the “GDPR”), and with relevant national legislation, in particular the Personal Data Processing Act (Act No. 110/2019 Coll.).

This information on the processing of personal data (hereinafter the “Information”) explains what personal data our company collects from you or about you, through communication with you, in connection with the use of the products and services we provide to you, or in connection with other business relationships between us. This Information also explains what personal data we obtain from other persons or sources and how we use this data.
In addition to this summary Information, you will also find some details on the processing of your personal data in documents we provide to you in the course of our mutual communication, in particular in contractual documentation. Over time, applicable legislation or our terms, procedures and methods of processing and protecting your personal data may change. We will always inform you of such changes by updating this Information, unless such a change requires us to also notify you by means of individual communication (by letter or email).
This version of the Information on the processing of personal data is valid and effective as of 01/10/2023. The current wording of this document is published on the website https://www.licon.cz/.

I. GENERAL INFORMATION

1. Identity and contact details of the data controller

The controller of your personal data is LICON s.r.o., ID No. 604 62 183, registered office at Svárovská 699, 463 03 Stráž nad Nisou, registered in the Commercial Register kept by the Regional Court in Ústí nad Labem, Section C, Insert No. 45470 (hereinafter the “Company”).
You can contact the Company regarding personal data protection and processing at the above address of its registered office or by email at proti.korupcni.linka@licon.cz or via the data box ID: 6s7ihm3.
The Company is not obliged to appoint a Data Protection Officer. This function has therefore not been established in the Company. The Company is a subsidiary of KORADO, a.s. In some exceptional cases, your personal data may also be processed by other members of the KORADO group as processors.

2. General principles in personal data processing

When processing personal data, we respect your rights and in particular comply with the following principles:
– personal data is processed fairly, lawfully and in a transparent manner
– personal data is collected solely for legitimate purposes and processed in a manner compatible with those purposes
– when processing personal data, we limit ourselves to the minimum necessary to fulfil the specified purposes
– we take all reasonable and available measures to secure personal data during processing
– we process only accurate and up-to-date personal data; inaccurate or superfluous data is corrected or deleted
– personal data is stored for the period necessary for the purposes for which it is processed;
– personal data is processed only in a way that ensures appropriate security of personal data, including protection by suitable technical and organisational measures against unauthorised or unlawful processing and accidental loss, destruction or damage

3. Categories of personal data processed (What personal data do we process?)

For the purposes we have defined, we process in particular the following categories of personal data:
– identification and address data: first name, surname, title, date of birth, address (residence, delivery or other contact address), for a natural person–entrepreneur also the business name or suffix attached to the name, registered office of business and ID No.
– electronic contact details: telephone, mobile phone, fax, email address, data box ID
– other electronic data: IP address, location data, data transmitted from the customer’s internet browser, etc.
– other personal data necessary for performance of a contract: bank account number, invoiced amount, etc.
– information on creditworthiness and reliability: records of fulfilment of payment obligations including information from public registers

Personal identification number: We will process your personal identification number only if you voluntarily state it on a contract or elsewhere, or if required by legal regulation. If, on the basis of or in connection with a concluded contract, you provide us with your personal identification number, you, as the holder of the personal identification number within the meaning of Section 13c(1) of Act No. 133/2000 Coll., consent to our using the personal identification number for the purposes of contract records, provided performance and protection of our rights, to archive it, process it and use it in accordance with this purpose.

4. Sources of personal data (From where and how do we obtain personal data?)

We obtain your personal data primarily from you, from third parties, from publicly available sources or from our own activities. We obtain personal data directly from you in particular in the course of negotiations on the conclusion of a contract and during its performance, or in any form of communication between us (in person, in writing, by telephone, electronically—primarily by email, website registration, etc.). We obtain personal data from third parties mainly in cases where such third parties enter into the contractual relationship between our Company and you (various types of intermediaries). We may also obtain it from public authorities or other third parties when fulfilling legal obligations or on the basis of special legal regulations. In cases where we assert our legitimate interests, especially our interest in acting prudently, we may obtain your basic data and some other data from public sources—public registers, such as the Trade Register, Land Register, Insolvency Register or the Central Register of Enforcements and similar, and possibly also from social networks (if you publish your data there yourself). We obtain your personal data from our own activities when evaluating the data you provide to us in connection with the use of our products and services.

5. Purpose of personal data processing

We always use and process the personal data obtained only for a specific purpose and to the extent necessary for that purpose. Depending on the nature of our relationship with you, we process personal data in particular for the following purposes:
– conclusion of a contract, performance of a contract, handling your matters
– fulfilment of our legal obligations
– pursuit and protection of our legitimate interests
– marketing purposes

6. Legal basis for processing personal data

To process your data, we must always have at least one of the legal bases below (a legitimate reason for processing):
– your consent to the processing of personal data
– necessity of processing personal data for the performance of a contract
– compliance with a legal obligation
– the Company’s legitimate interest, except in cases where your interests or your fundamental rights and freedoms override our interests
The most frequent legal basis for processing will be the necessity of processing personal data for the performance of a contract concluded with you and the fulfilment of our legal obligation. During our contractual or other relationship, there may occur situations associated with the processing of your personal data which we will not be able to use for a specific purpose without your consent. We will inform you of such situations separately and offer you the option to grant our Company consent to the use of your precisely defined personal data for a specifically described purpose for a predetermined period. Granting consent is entirely at your discretion. If, on our part, it is not possible to provide certain services or products without granting consent, you will be informed of this in advance. You can of course change your decision at any time and withdraw any consent given. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
The Company’s specific legitimate interests, which may also become the legal basis for processing your personal data, will always depend on the type of cooperation or the nature of our relationship. Typically, this will be a legitimate interest in the protection of our rights, an interest in processing data for statistical purposes, an interest in ensuring our IT or other security, etc.

7. Transfer of personal data to third parties (recipients), transfer of personal data abroad

Your personal data is processed both by our Company itself and through third parties, so-called personal data processors. We always endeavour to select sufficiently trustworthy persons as processors. We always conclude a written personal data processing agreement with all our processors, which contains guarantees for the security of your personal data.
We may make your data available to third parties as data controllers only in cases where legal regulation imposes or permits this, or where your consent exists. We will then transfer personal data only to the usual extent to processors or other recipients—providers of external services (typically programming or other supporting technical services, providers of computer systems, server services, email distribution and providers of archiving services), operators of (backup) servers or operators of technologies who process them to ensure the functionality of the relevant services, or to other members of the KORADO group. We may also make your personal data available, to the extent strictly necessary, to legal, economic and tax advisors and auditors who process it for the purpose of providing advisory services. Personal data relating to debtors may also be made available to a company providing receivable insurance or to other companies for the purpose of debt collection. Upon request or in the event of suspected unlawful conduct, personal data may also be transferred to public authorities.
The GDPR restricts the transfer of personal data abroad outside the EU. Our Company does not normally transfer personal data abroad outside the EU. However, it may happen that your personal data will be processed in a computer system whose servers are located outside the EU, although we try to avoid such situations. In such a case, we would choose as a contractual partner a company that meets the conditions approved by the European Commission for secure data transfer. If we were to transfer your personal data outside the EU, we will, if necessary, inform you of this in an appropriate manner.

8. Method of processing and security of personal data

When processing personal data, our Company always proceeds in such a way as to ensure that your personal data is properly secured and cannot be misused. The processing of your personal data may be both manual and automated. Automated processing takes place in our Company’s information systems or in the information systems of our processors. However, we do not carry out any decision-making based solely on automated processing, including profiling, that would have legal effects concerning you.
Your personal data is processed primarily by the Company’s relevant employees who need to have access to personal data to perform their job duties and who are bound to confidentiality regarding all facts and data they learn in the course of their work. In addition, employees of our processors also have access to your personal data, but only to the extent necessary to perform their activities for our Company.

9. Period for which we will process your personal data

Our Company stores your personal data for the period strictly necessary to provide products and services, to complete requested transactions, or for other necessary purposes such as compliance with our legal obligations, contractual commitments, dispute resolution, and legal enforcement of agreed arrangements. These needs differ depending on the type of product or service provided and the type of contractual relationship, and therefore the actual data retention period may vary significantly.
It always applies that we collect only such data of yours that we necessarily need for the specific purpose, and we do not retain your data longer than required by legal regulations or longer than is reasonable with regard to the purpose of processing. When determining the appropriateness of the period of personal data processing, we base our assessment in particular on the following criteria: the length of the limitation period, the likelihood of legal claims being raised, common market practices, the probability and significance of threatening risks, and any recommendations of supervisory authorities.
Data which we process on the basis of your possible consent is retained for the period for which the consent is validly granted to us. To document our fulfilment of obligations under data protection regulations, even after the withdrawal of consent we may store for a reasonable period (usually max. 4 years) information about how we obtained consent and what it covered, or when and how it was withdrawn.
In exceptional cases, for example when conducting litigation, documents containing your personal data may be retained for a longer period in order to protect our legitimate interests. This concerns in particular cases where we would have to present such documents as evidence in court proceedings, administrative proceedings or due to enforcement proceedings (in view of the statutory limitation periods under the current Civil Code, e.g. in connection with warranties provided).

10. Your rights to ensure the protection of personal data

At any time during the processing of your personal data you may exercise the following rights:
– the right of access to your personal data and to obtain a copy of the personal data we process about you
– the right to rectification and completion of your personal data if you find that we process incorrect or inaccurate personal data about you
– the right to erasure of your personal data if the conditions laid down by legal regulations are met
– the right to restriction of the processing of your personal data, where at your request we may, under certain conditions laid down by legal regulations, restrict the handling of your personal data
– the right to data portability to another controller if we process your personal data on the basis of your consent or for the purposes of performing a contract and the processing is automated at the same time
– the right to object to the processing of personal data if personal data is processed for the purposes of the Company’s legitimate interests. If you lodge an objection, we will not process your personal data until we demonstrate compelling legitimate grounds for the processing which override your interests or rights and freedoms, or for the establishment, exercise or defence of legal claims. In the case of processing of personal data for the offering of our products and services, we will immediately terminate the processing of your personal data for this purpose after an objection is raised.
If we receive a request to exercise your rights listed above, we will inform you of measures taken without undue delay and in any case within one month of receipt of the request. This time limit may be extended by a further two months if necessary, taking into account the complexity and number of requests. In certain cases laid down by the GDPR, our Company is not obliged to fully or partially comply with the request. This will be the case in particular if the request is manifestly unfounded or excessive, especially because it is repetitive. In such cases we may charge a reasonable fee reflecting the administrative costs of providing the requested information or communications or taking the requested action, or refuse to comply with the request. If we receive a request as above but have reasonable doubts as to the identity of the applicant, we may ask them to provide additional information necessary to confirm their identity. We will store, for a reasonable period (usually 3–4 years), information that you have exercised your rights with us and how we handled your request, for the purpose of documenting this fact, for statistical purposes, improving our services and protecting our rights.
You are not obliged to provide us with your personal data. In specific situations we will always inform you whether the provision of personal data is a statutory or contractual requirement and whether you are obliged to provide personal data. We will also inform you which of your personal data is necessary for the conclusion of the relevant contract or the provision of the service or use of the product, and your possible refusal will lead us to conclude that we will not be able to provide you with the offered product or service or to conclude the relevant contract with you.
It may also happen that your data is recorded incorrectly or is not up to date. At your request we will of course correct or complete it. If there are changes in your data, please inform us of these changes so that we can properly update the data we process about you.
If you believe that we are processing your personal data unlawfully or are otherwise violating your rights, you have the right to lodge a complaint with the supervisory authority (Office for Personal Data Protection, Pplk. Sochora 27, 170 00 Prague 7) or the right to seek judicial protection.

II. SUPPLEMENTARY INFORMATION ON THE PROCESSING OF PERSONAL DATA

The following supplementary information summarises further processing and personal data protection principles relating to certain specific cases. Unless otherwise stated in this supplementary information, the general information set out in Article I shall continue to apply in full.

1. Contractual partners (natural persons)

a) Categories of personal data processed:
If you are our existing or potential contractual partner, our Company will also process additional data beyond the above, such as data stated in the contract, invoiced and paid (owed) amounts, data on ongoing performance and communication with you or your employees. In connection with communication with you, we may also store certain technical data, i.e. the time the communication took place and the IP address from which it was sent. If you are our potential contractual partner (entrepreneur), we may process data obtained from open sources (e.g. from your website or advertisements placed by you) so that we can contact you by telephone with an offer of services. We may store such basic data in our CRM system for the purpose of further contact.

b) Purpose of personal data processing:
The primary purpose of processing personal data will be the conclusion and performance of the concluded contract. In this context, the data will also be used for the recording and proper performance of contractual relationships, for the control of the activities of our employees, for statistical purposes, further development of our services, either of the service to which the contract relates or of our internal administrative procedures, for the enforcement of receivables and for the protection of the rights of ours and third parties (e.g. other contractual partners), especially against unlawful activity. Data (in particular obtained from communication with the partner, such as IP address and time of communication) will also be used for IT security purposes. Personal data will also be used for the fulfilment of our legal obligations, in particular under regulations governing accounting and taxes, regulations concerning personal data protection (both your data and the data of persons acting on your behalf), regulations on the regulation of advertising, etc., and for the purposes of direct marketing (sending offers of our other products and services).

c) Legal basis for personal data processing:
The legal basis for processing your data is the necessity of performing the contract (incl. enforcement of receivables), the protection of our legitimate interests (record of contractual relations, protection against unlawful activity including IT security, further development of products or services, statistical purposes, processing for direct marketing) and the legitimate interests of third parties (in particular other contractual partners involved in the performance of the contract) and compliance with legal obligations (in particular the prevention of unlawful activity, fulfilment of requirements under data protection regulations, keeping of accounts and fulfilment of obligations under tax regulations).

d) Direct marketing:
We may also process data about our potential, current or former partners for the purposes of so-called direct marketing, which typically involves sending emails or making telephone contacts with offers of products or services similar to those you have purchased from us. The sending of offers is not time-limited; however, if you express a wish that we no longer send you such offers, we will not send them to you. We will nevertheless continue to process for a reasonable period of time the basic data about the sending in order to be able to prove why we sent you these offers. We will not transfer your data for the purpose of sending offers to any third parties (with the exception of our subcontractors—processors who will carry out the processing for us).
Under Section 7 of Act No. 480/2004 Coll., we may send commercial communications to your address (including email), you may be contacted by unsolicited direct mail containing commercial communications relating to our products, business and services. You may refuse such sending at any time, preferably by unsubscribing from further sending using the link that will usually be attached for this purpose, or at the address of our Company’s registered office or by email to info@licon.cz. Unless you expressly specify otherwise, such refusal does not affect the sending of other types of commercial communications to which you are not responding.

2. Contact persons of our contractual partners

As part of the processing of personal data of current or potential contractual partners, we also process data about their contact persons (e.g. statutory bodies or employees). Typically, the data processed includes the first and last name of such persons, their email address, job position, telephone number and, where applicable, records of meetings with them. This data is processed for the same purposes and to a similar extent and for a similar duration as the data of contractual partners. Individual employees of our Company may keep their own lists of contact persons, e.g. in telephone directories or business card catalogues. Telephone numbers with which communication took place from company devices are also stored for a reasonable period for the purpose of proper billing of telecommunication services, protection of our rights and possible differentiation between private and business calls. However, access to such data is granted, apart from system administrators, only to the employees from whose devices the communication took place.

3. Job applicants

a) Categories of personal data processed:
If you are a job applicant in our Company, in addition to basic data about you (identification and contact details) we will process data from your CV, such as information about your education, previous work experience, language skills, etc. We may also process data about your references from previous employment or contact details of your former colleagues or employers that you may provide to us, and you also agree that we may contact them. In connection with a personal interview or telephone conversation with you, we may also note the impression you made on us or how your demeanour corresponds to the information given in your CV.
If we contact you without you having given prior consent, we will do so only on the basis of data you have published for that purpose (e.g. via your profile on LinkedIn, in your own advertisement, etc.).
In connection with your response to a job advertisement posted on our website, we may also store certain technical data, i.e. the time of your response and the IP address from which it will be sent.

b) Sources of personal data and method of processing:
We will primarily obtain data directly from you in the course of our communication, whatever its form (in such cases this may typically be a response to an advertisement, completion of a form on a website, etc.).
In some cases (filling a specialised position) we may obtain your contact details and other information from public sources, e.g. from LinkedIn or from portals such as jobdnes.cz or jobs.cz through which CVs can be shared (within such services, CVs are shared with your consent).
After contacting you, with your consent we will include you in the relevant selection procedure for the given position or in our database of applicants. If you do not consent, we will not process your data in this way and for this purpose. However, we may store for a reasonable period the basic information that we contacted you and why. You may withdraw your consent to participate in the selection procedure at any time (ideally by sending an appropriate message to the contact person from our Company’s HR department).
For job applicants we also use the website https://www.licon.cz/kariera.
If you are successful in the selection procedure and become an employee of our Company, the data you have provided (in particular your CV) may become part of your personnel file.

c) Purpose of personal data processing:
Your personal data will be used primarily to select a suitable candidate to fill a position within ongoing selection procedures (including external cooperation). We will also use your basic identification data for the purposes of protecting the rights of our Company or third parties against any unlawful conduct that might be carried out in the course of such activities and for the purposes of IT security of our website and network.
Data on how you gave us your consent or basic data about you and how we obtained your data will also be used to fulfil our legal obligations, in particular obligations under data protection regulations (demonstrating your consent to data processing, etc.) and, where appropriate, for purposes related to verifying the fulfilment of contracts concluded with the operators of the above-mentioned services for sharing CVs.
By providing personal data (e.g. in the form of responding to an advertisement or completing a form on a website) or by consenting to inclusion in the selection procedure, you enable our Company to use your personal data for the selection of a suitable candidate to fill a position within the given ongoing selection procedure, or within another concurrently ongoing selection procedure for a comparable position. If we wish to use your personal data also in the context of filling other positions or for future selection procedures, we will ask you for consent to such use.

d) Legal basis for processing personal data:
The legal basis for the above processing is your consent (for the purpose of your inclusion in the selection procedure or in our database of CVs for the purpose of offering job positions in the future) and the legitimate interests of our Company (in particular in the case of initial obtaining of your contacts otherwise than with your consent). Please note that the provision of personal data for processing with your consent is voluntary on your part; however, without your consent we will not be able to include you in the relevant selection procedures.
Furthermore, the legal basis for the above processing is also the fulfilment of our Company’s legal obligations, in particular in the area of data protection regulations (EU Regulation No. 2016/679).

e) Period for which we will process your personal data:
The processing of personal data for the basic purpose, i.e. for the selection of a suitable candidate to fill a position within the ongoing selection procedure, will be carried out until the position is filled and for approximately 6 months thereafter (so that we can contact you with an offer of this position if the originally selected candidate does not prove suitable; after this period, our mutual communication may be archived for a reasonable time for the purpose of protecting our rights or the rights of third parties). If we hire you, the CV you sent and other similar data about you will become part of your personnel file and we will process it for the duration of this file.
For the other purposes mentioned above (protection of rights, IT security, fulfilment of legal obligations) we will process the necessary data about you (usually not the CV you provided) for a reasonable period.

4. Visitors to the Company’s website (https://www.licon.cz/)

a) Categories of personal data processed:
We process in particular data about your activity on our website, IP address, date and time of access, basic geographic location, etc.
If your data is processed on the basis of your consent, we also process data on the manner and time of granting or withdrawing consent, including your IP address from which you ticked the relevant box.

b) Sources of personal data and method of processing:
The source of the personal data we process about you is in particular your activity on our website. If we need data from you that will directly identify you or that will allow us to contact you, we will explicitly ask you for it.
We usually process your data in our own computer systems, or we may use the systems of third parties (so-called processors).

c) Purpose of personal data processing:
– measuring traffic to our site
– improving the content of our site and its development
– ensuring the security of our systems and network against external attacks or misuse by users, to the standard commonly implemented in the market
– contacting you in case of your inquiry about our products
– organising seminars and training
– applying for a vacant position
– organising consumer competitions
– keeping accounting records and fulfilling other legal obligations (e.g. documenting consent to the processing of personal data, etc.).

d) Cookies:
To distinguish individual computers and to set certain services individually, we use cookies or other similar network identifiers on our website. Cookies are small text files that our servers store on individual computers via a web browser. Cookies can be thought of as the memory of a website, which on the basis of them recognises, upon the user’s next visit from the same computer, that it is the same user. Cookies are not used to obtain any sensitive personal data. Standard web browsers support cookie management. For more detailed information, please use your browser’s help. If cookies are enabled in your browser, we will assume that you agree to the use of standard cookies by our servers.

5. Camera system

A camera system with recording is operated on the company premises for the purpose of property protection. The recordings are not further processed or personalised from the perspective of personal data. We do not deliberately process data from camera systems and we use them only in duly justified exceptional cases as evidence for the protection of the Company’s property.

III. RISKS AND RECOMMENDED PROCEDURES

Every processing of personal data entails certain risks. These may vary depending on the scope of the data processed and the method of processing. Below we list some recommended procedures that may help you better protect your data:
– When providing your personal data, always consider whether it is really necessary to provide such data to another person. You should carefully consider in particular providing data relating to your private life and aspects thereof unrelated to the purposes for which you provide it, or data intended for publication (e.g. your comments under articles, etc.). If you feel that we are requesting too much data from you, please contact us and we will verify the proportionality of our request.
– If you provide us with personal data of third parties (your family members, employees, etc.), again consider whether such transfer is necessary and needed. If necessary, obtain the consent of such third parties.
– If one of our colleagues asks you to provide data, do not hesitate to ask whether it is necessary and whether the processing objective cannot be achieved without such data.
– Persons under 18 are particularly vulnerable. If the transfer of data concerns such persons, it is necessary to carefully consider all circumstances. It is also necessary to consider whether the consent of such persons or their legal representatives (e.g. parents) is required for the provision of such data. If you are under 18, we recommend discussing the matter with your legal guardian (parent) or contacting us specifically in this matter.
– If you are going to log in somewhere using a password, always use a unique strong password that you will not use for other devices and accesses. Do not tell or make your password available to anyone. We will never ask you to disclose your password, so be especially careful of various email requests to disclose passwords, even if they are signed in our name. These are likely forgeries intended to obtain and subsequently misuse the password.
– If you send us confidential data, try to use a secure method of communication, e.g. password-protecting a file combined with encryption and providing the password via a different communication channel.
– If you feel that our Company is not fully complying with all obligations, there has been an unauthorised data breach or another similar event, please let us know as soon as possible.

Updated 27 November 2023