Privacy policy

Introduction

This guideline is dedicated to the issue of personal data protection in connection with the general regulation for the protection of personal data of natural persons (GDPR – General Data Protection Regulation).

In our general business terms and conditions, Grand Prix Tickets Czechia s.r.o. (hereinafter the “Company”) expresses our commitment to protecting the personal data of our customers, suppliers and business partners. The rules set forth herein define how this commitment will be implemented and the company’s position in the role of the personal data controller.

Principles and rules of personal data protection

We understand the importance of protecting your privacy while processing your personal data. To this end, we have adopted policies and rules of conduct that meet or exceed existing legislation.

We emphasize cooperation with companies that uphold the applicable legislation and perform their activities in accordance with the Regulation of the European Parliament and the Council (EU) concerning personal data protection.

Our employees are bound by the company’s internal rules regarding the strict confidentiality of your data. The company provides employees with training about the rules and other obligations concerning data security and protection. Further, the company performs internal audits to assure the fulfilment of our obligations when working with personal data. Access to personal data by employees is strictly controlled so that employees view only such information necessary to perform their work. Employee access to data is limited to perform their work.

When you visit our website, personal data is collected and processed in accordance with the legal regulations valid in the Czech Republic. To optimize the system performance of our website we automatically collect and store information. This information typically consists of your IP address, type of browser and language settings, operating system, internet service provider (ISP) and the date and duration of your visit.

We use this information for the effective management of the website, to obtain information about website user behaviour, to analyze trends and collect demographic data about our users as a whole. This collected information may be used for marketing and promotional purposes and for communication.

The company’s website may include links to other websites. Should you choose to visit these other websites, you would be subject to rules of use of personal data and cookies in use by those other websites.

Cookies and their use

The organization’s website, e-mail messages, online services, advertising and interactive applications may use “cookies” to optimize service.

A “cookie” is a small file, usually consisting of letters and numbers, which we send to your browser’s cookie file on the hard drive of your computer. This allows us to identify the device of the given user. The main purpose of cookies is to allow our internet server to provide the user with the website to which the user is accustomed, to make the experience of visiting the company’s website more personal and to react better to the user’s individual needs.

The company uses two types of cookies on the website:

• Session cookies – These are temporary cookies which are saved in the cookie file of your browser until the moment you stop working with the browser. These cookies are mandatory for the proper functioning of certain applications or functions on these pages.
• Permanent cookies – Permanent cookies may be used for easier and more convenient orientation on the website by users (e.g. faster and easier navigation). These cookies remain in the cookie file of your browser for a longer time, depending on your chosen internet browser settings. Permanent cookies allow the transfer of information to the internet server during every visit to the website. Permanent cookies are also known as tracking cookies.

Personal data is collected and processed only with your express consent.

Categories and scope of processed data

With regard to your personal data, we collect only that information which is reasonable and relevant for the given business purpose. This refers to personal data for the identification and communication with you and special categories of personal data which are needed for our business activity in accordance with the respective legal regulations.

Categories of personal data

Within the framework of our activity, we collect the following personal data of customers, business partners and suppliers as unique identifiers:

• Your name 
• Your company’s name
• Your address
• Your e-mail address
• Your telephone number
• Your company ID / tax ID / VAT number

We collect personal data about employment applicants and employees in accordance with applicable legislation. This information includes:

• Your name
• Your address
• Your e-mail address
• Your telephone number
• Your bank account number 
• Your date of birth
• Your ID document number

Term of processing

We work with your personal data:

• For the period necessary to fulfil the respective business purpose.
• For the period necessary to fulfil legal regulations (i.e. minimally for the term pursuant to the Archiving Act).
• To determine, exercise or defend legal claims.

Upon termination of the stipulated term for processing and storing personal data, your data will be safely deleted or destroyed, anonymized or transferred to the archive.

In the event that you consent for marketing purposes (incl. profiling for the purpose of offering suitable products and services), data is processed for the time necessary to meet such purpose.

Data source

The data we process is obtained primarily from the subjects of the personal data. However, we may also learn about you from other sources in order to confirm the information provided.

We process personal data, which is disclosed to us upon entering into a contract and during the term of the contract. In the case of establishing a new business relationship, we process your personal data disclosed by you when entering into a new contract.

If you are our employee or applicant for employment, the source of data may be referenced from former employers or references from internet sources, e.g. social networks such as LinkedIn or other job portals.

We may obtain your personal data and sensitive personal data for the purpose of fulfilling a contractual obligation to you.

We also process personal data legally obtained from publicly available information or in cooperation with government bodies and institutions (in the meaning of Act No. 253/2008 Coll., on selected measures against money laundering and financing of terrorism).

Personal data provided by a third party may be processed but only with your consent.

Purposes of processing personal data

The company processes personal data only in the scope required to fulfil the respective business purpose. Personal data may be processed under one or more of the following circumstances:

Legitimate purposes of processing

If you are dealing with Grand Prix Tickets Czechia s.r.o. as a customer, business partner or supplier, we will ask you to provide personal data for the following purposes:

• Entering into, managing and performing contracts.
• Managing customer relations, providing (online) services and contacts.
• Improving services.
• Marketing and customer analytics/processes.
• Detection, prevention, in accordance with the AML Act (anti-money laundering).
• Scientific and statistical analysis.
• Fulfilment of legal and regulatory obligations.
• If you are an applicant for employment or a former or existing employee, your personal data is processed for the following purposes:

Satisfying an employment contract, meeting contractual obligations and/or for human resources management.

• Internal management including evaluation of an organization or corporate culture.
• Employee health and satisfaction.
• Fraud detection and prevention.
• Fulfilment of legal and regulatory obligations.
• Protection of the vital interests of the employees.
• Analysis of employee profiles.
• Hiring and filling job openings, incl. former employees and applicants for employment.

Consent

If none of the variants is in question or if consent is required by other legal requirements, consent will be obtained from the owner of personal data before processing. When granting consent, we will provide you with the following information:

• Purpose of the processing for which consent is requested.
• Our contact data as the controller of personal data.
• Your rights in relation to personal data processing.

If processing is reasonably required to handle the request, then consent is assumed (e.g. visiting the website, using the applications of Grand Prix Tickets Czechia s.r.o., personal visits or attendance at social events).

Consent should be the voluntary, specific, informed and definite permission of the subjects of data to the processing of personal data relating to them, expressed in the form of a written statement (also electronically) or oral declaration.

The subject of data has the right to refuse or at any time revoke consent to the processing of personal data.

Rights of data owners

With the validity of the General Data Protection Regulation, the owners (subjects) of personal data have the right to:

• Information and access to personal data.
• Transferability of data.
• Restriction of processing.
• Correction and deletion of personal data.
• Information concerning correction or deletion of personal data or processing restriction.
• Raise an objection.
• Exemption from automated decision-making based on the data you provide.

The roles in which we can register your personal data and perform the definite identification of your person are:

• You are our client – buyer, the person interested in buying, the debtor.
• You are our business partner – trade intermediary.
• You are a partner’s customer – customer of our partner.
• You are our supplier – provider of services and technical support, sub-processor.
• You are our employee – existing and former employee or applicant for employment.

Please note that in some cases your rights relating to personal data protection may result in the limitation of our activities with you as well as our contractual relationship.

Controller’s contact data

To learn more about the nature of information processed about you and/or to exercise any rights provided herein, you may submit a request at our address Grand Prix Tickets Czechia s.r.o., Nové sady 988/2, 602 00 Brno, or at our electronic address info@tickets.gp

The request can be accepted in the case of definite identification of the person.

We will process your request/complaint without undue delay and inform you of its handling within 30 days from receiving the request/complaint.

Prevailing/superior interest

In some cases, the rights and obligations of Grand Prix Tickets Czechia s.r.o. may be superior to the rights of individuals, if under the given specific circumstances there is a justified interest that outweighs the interest of the individual (prevailing interest). The prevailing interest exists if it is necessary:

• To protect the justified business interests of Grand Prix Tickets Czechia s.r.o., including:

  • Health or safety of individuals. o Intellectual property rights, business secrets or the company’s reputation.
  • Continuity of business operations.
  • Preserving confidentiality during the proposed sale, merger or acquisition of an enterprise.
  • Involvement of trustworthy advisors or consultants for business, legal, tax or insurance purposes.
• Preventing or investigating violations of the law, be it actual or assumed, based on justified suspicion (including cooperation with law enforcement, e.g. the Czech Police), contracts or principles of our company.  
• Otherwise protecting or defending the rights of Grand Prix Tickets Czechia s.r.o., its employees or other parties.

Transfer of personal data to third parties

Within the framework of our activity, your personal data may be provided to:

• Entities stipulated by law, e.g. courts, the Czech National Bank, executors or insolvency administrators.
• Other entities for the protection of rights (e.g. courts, contractual physicians, investigators, court commissioners, etc.).
• Processors who guarantee the securing of personal data protection.
• With your consent, to other members of the Grand Prix Tickets Czechia s.r.o. group and cooperating business partners.

Third parties are provided with personal data only as necessary to perform a business purpose.

Grand Prix Tickets Czechia s.r.o. cooperates only with processors who provide adequate guarantees of the implementation of suitable technical and organizational measures, so that the given processing meets the legal requirements and ensures the protection of rights of our clients and our employees.

List of entities that may come into contact with your contact data

Controller

Grand Prix Tickets Czechia s.r.o., Nové sady 988/2, 602 00 Brno (company ID No.: 22217665)

Processors

• Business intermediaries authorized to process Grand Prix Tickets Czechia s.r.o. products.
• Public authorities and courts (in particular when performing our legal obligations).
• Auditors or other independent parties ensuring the performance of legal obligations. 
• Providers or operators of information technologies.
• Providers of services needed to perform our activities (administrative activity, archiving, legal consultancy, receivables management, etc.).
• Providers of health services (when investigating insured claims).

Monitoring and fulfilment of legal standards

Internal audits of processes and procedures involving personal data processing are performed at our company in order to make sure that we are fulfilling our obligations as mandated by law and by our contract.