General Data Protection Regulation
Consent with the processing of personal data
By submitting this form the user grants consent to the company Zeitgeist Asset Mannagemennt s.r.o., ID No.: 02861674, with its registered seat at Revoluční 767/25, 110 00 Praha 1, entered in the Commercial Register kept by the Prague Municipal Court in Section C, File No. C 224677 (the “Controller“) such that the latter may, process the following personal data of the user: name, surname, date of birth, address of residence, email address and phone No for marketing purposes, i.e. offering of transactions and services, sending information about marketing events of the Controller and other commercial communication including communication via sms, email and other electronic means in the sense of the Act No. 480/2004 Coll., on certain Information Society Services. The user acknowledges that the Controller processes collected personal data for the purposes of performance of contractual obligations related to accommodation services / rent ordered by the user to the extent and by means specified. Listed personal data may be processed for necessary period of time; unless otherwise stated in applicable law, the user acknowledges that period of 5 years is considered as necessary. The user expressly consents to the Controller engaging in the processing of their personal data as described above. The user is aware that users may revoke their consent at any time, e.g. by sending an e-mail (to: email@example.com) or a letter to the Controller’s address (as recorded in the Commercial Register). The user further acknowledges that processing of personal data will be performed by designated employees of the Controller by means of automated processing or manually. Personal data may also be provided to companies belonging to the Zeitgeist group. The user hereby expressly agrees that the Controller is entitled to transfer personal data to the provider of the requested service on the basis of contracts concluded between the Controller, its franchise partners and/or the following parties: Lowe OPEN s.r.o. The user is also aware that, under the relevant generally binding provisions of statutory law and directly applicable EU law (regulations) (in each case as amended), they have the right to (i) revoke their consent with the processing of their personal data at any time, (ii) demand that the Controller inform them which of the user’s personal data it is processing, (iii) require explanations from the Controller as to the processing of the user’s personal data, (iv) demand access to the processed personal data from the Controller, and have the Controller update or correct such data as needed, (v) demand that the Controller deletes user’s personal data, and (vi), in cases of doubt as to whether the obligations related to the processing of the user’s personal data have been honored, turn to the Controller or to the data protection authority (Úřad pro ochranu osobních údajů) for remedies. For the avoidance of doubt, the user represents and confirms that they were advised by the Controller within the meaning of the relevant generally binding provisions of statutory law and directly applicable EU law (regulations) (including the GDPR) of the intention to process their personal data, the scope of such processing and the terms under which such processing would take place, and any and all related rights of the user.
Applicable from 1.4.2021
ZEITGEIST ASSET MANAGEMENT s.r.o.
INFORMATION ON DATA PROCESSING AND PROTECTION
I. INFORMATION ABOUT THE DATA CONTROLLER
- ZEITGEIST Asset Management s.r.o., ID No. 02861674, entered in the Commercial Register kept by the Prague Municipal Court in Section C, File No. 224677 , with its seat at Revoluční 767/25, 110 00 Praha 1 (“ZEITGEIST“) in its capacity as the data controller has drawn up the present material to inform the data subjects (i.e., the “client“) about the processing of their personal data.
- Customers who have questions regarding the processing of their personal data may approach ZEITGEIST via e-mail (firstname.lastname@example.org) or by sending a letter addressed to the seat of the company.
II. FUNDAMENTAL PRINCIPLES OF DATA PROCESSING
- ZEITGEIST will at all times treat all personal data in accordance with the applicable law. In this document, clients learn of the rules in place at ZEITGEIST for the processing of personal data, and find out about the principles observed by ZEITGEIST in order to ensure the confidentiality and protection of personal data.
- When processing personal data of clients, ZEITGEIST will always abide by the following principles in particular:
- ZEITGEIST processes personal data in a transparent manner, always in compliance of all laws and legal regulations.
- ZEITGEIST always proceeds in a fair and transparent way when processing personal data, and seeks to minimize the purposes and the scope of data processing as much as possible.
- ZEITGEIST informs its clients using comprehensive, concise, and appropriate language, free from extraneous details, so that the client may understand the information on data processing and protection.
- ZEITGEIST sees to it that no client suffers any infringement of any of their rights (and of their right to dignity in particular), and sets utmost store in the protection of client’s privacy and personal life from unauthorized intrusion and interference.
- ZEITGEIST provides its clients with information about the processing of personal data before concluding a contract or providing a service by ZEITRAUM (this document is available on ZEITGEIST’s website: www.home.re) as well as during all face-to-face meetings with clients.
III. SCOPE, LEGAL TITLE, AND DURATION OF PERSONAL DATA PROCESSING
- ZEITGEIST processes the personal data of clients in the following scope:
- Data for identification – personal data which allow for the unique and unmistakable identification of the client (first and last name, academic titles), place of permanent residence, number of the client’s ID, birth identification number and signature; his includes all personal data through which the client as data subject may uniquely and unmistakably be identified.
- Contact data – personal data which facilitates contact with the client (i.e., in particular, the contact address, phone and fax number, e-mail address, etc. given by the client). This data makes it possible to establish contact with the client.
- Data originating from external sources – i.e., in particular, publicly accessible registers such as the Commercial Register, Insolvency Register, etc.
- Copies of official documents,
- Recorded correspondence with clients (including email communication).
- Information about concluded contract
- Information needed for bookkeeping
- Information bank details and banking information
- Special categories of personal data (sensitive data) processed only in exceptional cases with strict observance of applicable regulations on personal data (obligation towards Aliens police authority).
- In order to ensure safety of accommodated clients, ZEITGEIST operates safety cameras in designated common use areas in accommodation facilities. The visual recordings from the cameras are recorded using servers belonging to ZEITGEIST and accessible only to designated workers of ZEITGEIST. The recordings are stored only for 24 hours (and then automatically deleted by new recordings).
- Legal grounds for the processing of personal data ZEITGEIST will only ever gather and handle personal data in the extent necessary and for the relevant purpose; personal data is only ever processed so as to attain the designated purpose. The provision of personal data by clients is always voluntary; if data was made available for processing on the basis of a consent notice, the client may demand that the processed data be deleted (see further below). In certain cases, e.g. providing accommodation, ZEITGEIST may need the client’s personal data already at the time of the application/reservation of the accommodation. This is because without this data ZEITGEIST would not be able to provide the services requested by the client due to ZEITGEIST’s duties under the law and protection of ZEITGEIST’s legitimate interests. ZEITGEIST is entitled to process personal data of clients on basis of the following legal grounds:
- Consent notice – consent is given for one or several specific purposes. The notice of consent with the data processing by ZEITGEIST, freely given by the data subject, shall list which specific personal data will be processed by ZEITGEIST based on consent notice by data subjects (clients).
- Performance of contract – ZEITGEIST needs the personal data of the client in order to conclude the agreement with them and to subsequently perform under the same; this legal ground for data processing may regularly be invoked also during the pre-contractual stage.
- Compliance with the law – ZEITGEIST needs the personal data of the client in order to fulfill its statutory duties and obligations as a data controller.
- Legitimate interest – The processing of personal data is necessary to protect ZEITGEIST ’s legitimate interests, with the exception of those cases in which the client’s interests or their fundamental rights and basic freedoms take precedence over the interests of ZEITGEIST.
- ZEITGEIST processes the personal data of clients for the following purposes:
- Performance of contract – Personal data processing is indispensable to properly exercise the rights and discharge the obligations which arise for ZEITGEIST from the contractual relationship with the client (e.g. preparing the agreement, or monitoring the proper provision of services under the agreement). ZEITGEIST will process personal data for this purpose for the duration of the contractual relationship and for the duration of the limitation period relating to rights and obligations arising from the contract and for the duration of possible archiving.
- Legitimate interests of ZEITGEIST – The personal data processing is indispensable for this purpose (e.g.: monitoring and preventing fraud; physical protection of the premises and property of ZEITGEIST; internal reporting; resolution of conflicts with the client, protection and exercise of ZEITGEIST ‘s rights; direct marketing; marketing activities, statistical purposes), in the same scope as for the purpose of the performance of contracts. ZEITGEIST will process personal data for this purpose for the duration of the contractual relationship and until the expiry of all relevant periods of limitation related to the exercise of rights and discharge of obligations within that relationship.
- Observance of legal duties – The processing of personal data for this purpose is indispensable because an act of law or other generally binding statutory provision requires such processing (e.g. to to observe the duty of due care, or to fulfill notification duty vis-a-vis public authorities, or to fulfill obligations in connection with the enforcement of public-law decisions, or to fulfill identification and KYC duties or other duties in connection with the prevention of money laundering if ZEITGEIST has such duties, or to fulfill archiving duties). ZEITGEIST will process personal data for this purpose within the scope prescribed by law in each individual case. In this respect, ZEITGEIST may furnish and store copies of documents and other materials (including the client’s ID, if the client specifically consented to have their ID photocopied), in each case in accordance with the relevant agreement and its annexes, and in accordance with the applicable laws and regulations. ZEITGEIST will process personal data for this purpose for as long as required under the applicable provisions of statutory law.
IV. SOURCES FROM WHICH THE PERSONAL DATA ORIGINATES
- ZEITGEIST gathers personal data within the context of its operations:
- directly from the client, during the negotiations of its contractual relationship and the subsequent performance under the same;
- from publicly accessible registers, lists, and records (Commercial Register, Trade Licensing Register, Insolvency register etc.)
V. DATA PROCESSING METHODS
- ZEITGEIST will process the personal data of its clients both by means of automated processing and manually.
VI. INFORMATION REGARDING DISCLOSURE AND TRANSFER OF PERSONAL DATA TO THIRD PARTIES – data recipients and data processors
- ZEITGEIST will disclose the personal data of its clients to public authorities, entities whom ZEITGEIST must grant access to the data under the law – i.e., in particular, Aliens police of the Czech republic, administrative authorities, courts, court bailiffs, notary publics, court commissioners, insolvency trustees, etc.
- ZEITGEIST as the data controller will process the personal data using its own staff and has implemented the technical, organizational, and personnel measures and precautions that guarantee a high level of protection and the non-disclosure of personal data of its clients. In this sense ZEITGEIST will make use of the following data processors when processing its clients’ personal data; ZEITGEIST relies on these when providing services and products (in particular in the area of marketing) or, as the case may be, has commissioned them with the discharge of its contractual obligations and its duties under the law, in each case on the basis of a data processing agreement: companies belonging ZEITGEIST Group: – Home by Zeitgeist s.r.o. external service providers – accountants, tax advisers and other specialists – IT services providers
VII. RIGHTS OF THE DATA SUBJECT IN CONNECTION WITH THE DATA PROCESSING
- The client’s personal data will always be processed in a transparent and proper manner and in compliance with the statutory requirements. With that said, the client may at any time turn to ZEITGEIST to ask for information on the manner in which their personal data is being processed or in order to enforce any of their related rights as set out below:
- Right of access – The client may ask ZEITGEIST for access to their personal data and, in particular, explanations as to the manner in which this data is being processed, whereas these explanations shall have the form of a notice informing the client of the purpose of data processing; the scope and contents of the processed personal data or, as the case may be, data categories (including all information on the sources from which such data originated, where available); and the nature of the means of automatic processing, if automatic processing is used in decision-making processes (i.e., if, based on said data processing, steps are taken or decisions are passed which have impact on the rights and legitimate interests of the client and of the recipient of the personal data, or data categories).
- Right to rectification of faulty data – If the client believes that the personal data processed by ZEITGEIST is inaccurate or incomplete, they may call upon ZEITGEIST to update or supplement said data. The client may object to any processing of inaccurate data or processing which is not in compliance with the law, and may demand the rectification of such data.
- Right to deletion of personal data (“right to be forgotten”) – The client has the right to demand that their personal data are deleted if such data is no longer required for the purpose for which it was processed, if the client has withdrawn their consent with the processing, or if the data processing was unlawful in which case deletion is mandated under the law.
- Right to restrict data processing – The client may demand that the data processing be restricted if they challenge the accuracy of their personal data or if the processing has been unlawful but they do not wish to see the data deleted; if ZEITGEIST M no longer needs the specific personal data for the purposes of processing but the client may still require such data (e.g. in connection with the enforcement of claims in court); or if the client in its capacity as the data subject whose data is being processed but it has yet to be determined whether its legitimate interests take precedence over those of ZEITGEIST.
- Right to data portability – In the case of automated processing based on an agreement or based on consent given to ZEITGEIST, the client has the right to transfer their data from one controller to another (or to the client), in which case they must receive a copy of the data in a structured, commonly used, machine-readable format.
- Right to withdraw the consent to data processing – To the extent that the data subject has granted ZEITGEIST consent with the processing of their personal data for purposes that require prior consent, the data subject may revoke the consent at any time. Data processing which took place before the consent was withdrawn, however, is deemed lawful and legitimate.
- Right to complain to the supervisory authority – The client may bring their complaints before the supervisory authority, i.e., the Czech Data Protection Office (Úřad pro ochranu osobních údajů) if the client believes that data processing and rules on personal data protection were breached in connection with the processing of client’s data. Contact details: Úřad pro ochranu osobních údajů, Pplk. Sochora 27, 170 00 Prague 7, Phone No.: +420 234 665 111.
- The data subjects who wish to exercise these rights should contact ZEITGEIST at email@example.com or send a letter addressed to the registered seat of ZEITGEIST.
- ZEITGEIST will always promptly respond to request concerning the exercise of rights of the client in their capacity as data subjects, and in any case no later than within the statutory time period of 30 calendar days from receiving the request. In individual, well-substantiated cases, this time period may be extended by two additional months. ZEITGEIST will always notify the client of such an extension of the time period for responding to their request, and in so doing will specify the reasons that substantiate the extension.
Valid as of 25 May 2018