Processing of personal data
Last updated on 1st April 2025
This document (hereinafter referred to as the "Principles") describes how the company BELOBRUSH s.r.o. (hereinafter also referred to as the "Administrator"), with its registered office at Rybná 716/24, 110 00 Prague 1, ID: 10747753, VAT identifiable person, registered in the Commercial Register maintained by the Municipal Court in Prague, section C, insert 347750, processes and protects personal data of natural persons (hereinafter referred to as "data subjects"). This document is based on Regulation (EU) 2016/679 ("GDPR") and the relevant laws of the Czech Republic (e.g. Act No. 110/2019 Coll., on the processing of personal data).
This document (hereinafter referred to as the "Principles") describes how the company BELOBRUSH s.r.o. (hereinafter also referred to as the "Administrator"), with its registered office at Rybná 716/24, 110 00 Prague 1, ID: 10747753, VAT identifiable person, registered in the Commercial Register maintained by the Municipal Court in Prague, section C, insert 347750, processes and protects personal data of natural persons (hereinafter referred to as "data subjects"). This document is based on Regulation (EU) 2016/679 ("GDPR") and the relevant laws of the Czech Republic (e.g. Act No. 110/2019 Coll., on the processing of personal data).
1. The data controller and contact information
1. The data controller and contact information
Administrator: BELOBRUSH s.r.o.
Registered Office: Rybná 716/24, 110 00 Prague 1
Company ID: 10747753
Email: info@belobrush.cz
Phone: +420 725 73 73 63
If you have any questions regarding the processing of personal data, please contact the above-mentioned contacts.
Administrator: BELOBRUSH s.r.o.
Registered Office: Rybná 716/24, 110 00 Prague 1
Company ID: 10747753
Email: info@belobrush.cz
Phone: +420 725 73 73 63
If you have any questions regarding the processing of personal data, please contact the above-mentioned contacts.
2. Scope of processed personal data
2. Scope of processed personal data
The administrator processes only those personal data that are necessary to fulfill the given purpose. Typically, this includes:
Identification details: first name, last name, company name (for self-employed individuals), company ID, tax ID, registered office/address,
Contact details: email, phone, possibly delivery address,
Billing details: necessary for issuing or keeping tax documents (if required by legislation),
Data related to the inquiry: project specifications, documentation for price offers, content of the order,
Technical data: IP address, cookies, browser settings, and similar data, if it is necessary to process them (see Article 7 below).
The administrator processes only those personal data that are necessary to fulfill the given purpose. Typically, this includes:
Identification details: first name, last name, company name (for self-employed individuals), company ID, tax ID, registered office/address,
Contact details: email, phone, possibly delivery address,
Billing details: necessary for issuing or keeping tax documents (if required by legislation),
Data related to the inquiry: project specifications, documentation for price offers, content of the order,
Technical data: IP address, cookies, browser settings, and similar data, if it is necessary to process them (see Article 7 below).
3. Purposes and legal basis for processing
3. Purposes and legal basis for processing
The Controller processes personal data mainly for the following purposes:
Fulfilment of the contract (including pre-contractual communication): ensuring the execution of contracts, invoicing, mutual communication – legal basis according to Article 6(1)(b) of the GDPR.
Compliance with legal obligations: primarily tax and accounting regulations, archiving, possibly responding to requests from public authorities – legal basis according to Article 6(1)(c) of the GDPR.
Legitimate interests of the Controller: protection of one's own rights, enforcement of claims, prevention of fraud, direct marketing for existing customers – legal basis according to Article 6(1)(f) of the GDPR.
Consent to processing: if the Controller sends commercial communications to individuals who are not current customers, or if it uses certain marketing cookies, consent is required according to Article 6(1)(a) of the GDPR (can be revoked at any time).
The Controller processes personal data mainly for the following purposes:
Fulfilment of the contract (including pre-contractual communication): ensuring the execution of contracts, invoicing, mutual communication – legal basis according to Article 6(1)(b) of the GDPR.
Compliance with legal obligations: primarily tax and accounting regulations, archiving, possibly responding to requests from public authorities – legal basis according to Article 6(1)(c) of the GDPR.
Legitimate interests of the Controller: protection of one's own rights, enforcement of claims, prevention of fraud, direct marketing for existing customers – legal basis according to Article 6(1)(f) of the GDPR.
Consent to processing: if the Controller sends commercial communications to individuals who are not current customers, or if it uses certain marketing cookies, consent is required according to Article 6(1)(a) of the GDPR (can be revoked at any time).
4. Retention period of personal data
4. Retention period of personal data
Personal data is stored for the period necessary to fulfil the purposes mentioned above, and in accordance with the retention periods set by the relevant legal regulations (e.g. the Accounting Act).
Data processed based on consent or legitimate interest (marketing) is retained until consent is withdrawn or an objection is raised, or for a maximum of 3 years from the last active contact (unless another legal reason for longer retention applies).
Personal data is stored for the period necessary to fulfil the purposes mentioned above, and in accordance with the retention periods set by the relevant legal regulations (e.g. the Accounting Act).
Data processed based on consent or legitimate interest (marketing) is retained until consent is withdrawn or an objection is raised, or for a maximum of 3 years from the last active contact (unless another legal reason for longer retention applies).
5. Recipients and processors of personal data
5. Recipients and processors of personal data
Personal data may be provided to:
External service providers (e.g. accountants, tax and legal advisors, IT and cloud services, email marketing tools),
Public authorities (tax office, courts, law enforcement agencies), if required by legal regulations. The administrator enters into so-called processing agreements with the relevant processors to ensure an appropriate level of personal data protection.
Personal data may be provided to:
External service providers (e.g. accountants, tax and legal advisors, IT and cloud services, email marketing tools),
Public authorities (tax office, courts, law enforcement agencies), if required by legal regulations. The administrator enters into so-called processing agreements with the relevant processors to ensure an appropriate level of personal data protection.
6. Rights of Data Subjects
6. Rights of Data Subjects
Data subjects have the following rights, which they can exercise at any time:
The right of access to personal data – to find out whether and how personal data is processed and to obtain a copy of it.
The right to rectification – to request the completion or correction of inaccurate or incomplete data.
The right to erasure (also known as the 'right to be forgotten'), if the legal conditions are met (e.g., if the data is no longer necessary for the purpose).
The right to restrict processing – e.g., when the subject contests the accuracy of the data or objects to unlawful processing.
The right to data portability – for data processed automatically based on consent or contract.
The right to object – primarily against processing based on legitimate interests (e.g., against direct marketing).
The right to lodge a complaint with a supervisory authority (Office for Personal Data Protection, www.uoou.cz), if the subject believes that processing is unlawful.
Data subjects have the following rights, which they can exercise at any time:
The right of access to personal data – to find out whether and how personal data is processed and to obtain a copy of it.
The right to rectification – to request the completion or correction of inaccurate or incomplete data.
The right to erasure (also known as the 'right to be forgotten'), if the legal conditions are met (e.g., if the data is no longer necessary for the purpose).
The right to restrict processing – e.g., when the subject contests the accuracy of the data or objects to unlawful processing.
The right to data portability – for data processed automatically based on consent or contract.
The right to object – primarily against processing based on legitimate interests (e.g., against direct marketing).
The right to lodge a complaint with a supervisory authority (Office for Personal Data Protection, www.uoou.cz), if the subject believes that processing is unlawful.
7. Cookies and similar technologies
7. Cookies and similar technologies
On the website (www.belobrush.cz), cookies may be used for the following purposes:
Ensuring the functionality of the pages,
Analyzing traffic and improving user-friendliness,
Possibly for marketing (based on consent).
Storing cookies can be restricted or disabled in your browser settings, which may limit some functions of the website.
More information about specific types of cookies and options for managing them may be provided directly on the website or in a separate cookies document.
On the website (www.belobrush.cz), cookies may be used for the following purposes:
Ensuring the functionality of the pages,
Analyzing traffic and improving user-friendliness,
Possibly for marketing (based on consent).
Storing cookies can be restricted or disabled in your browser settings, which may limit some functions of the website.
More information about specific types of cookies and options for managing them may be provided directly on the website or in a separate cookies document.
8. Final Provisions
8. Final Provisions
These Policies may be updated in response to legislative changes or changes in our activities. The current wording published on www.belobrush.cz always applies.
These Policies are effective from 1st April 2025
These Policies may be updated in response to legislative changes or changes in our activities. The current wording published on www.belobrush.cz always applies.
These Policies are effective from 1st April 2025
Information
BELOBRUSH Ltd.
Rybná 716/24, 110 00 Prague 1
Company ID: 10747753
© 2025 BELOBRUSH s.r.o. All rights reserved.
Information
BELOBRUSH Ltd.
Rybná 716/24, 110 00 Prague 1
Company ID: 10747753
© 2025 BELOBRUSH s.r.o. All rights reserved.
Information
BELOBRUSH Ltd.
Rybná 716/24, 110 00 Prague 1
Company ID: 10747753
© 2025 BELOBRUSH s.r.o. All rights reserved.
Information
BELOBRUSH Ltd.