Pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter the “GDPR”), the purpose of this advice is to provide information on the processing of personal data obtained about natural persons entering the premises on 7th floor of the City Tower building at Hvězdova 2b, 140 00 Praha 4

• >>> (hereinafter as “Pankrac Office”)

PERSONAL DATA CONTROLLERS

2N TELEKOMUNIKACE a.s., with its registered office in Prague 4, at Modřanská 621/72, Postal Code 143 01, Id. No.: 261 83 960, registered in the Commercial Register kept by the Municipal Court in Prague under File No. B 6613 (hereinafter “2N”), is the controller of personal data (hereinafter the “Controller”).

CONTACT DETAILS

If you have any questions concerning the processing of personal data through the access units and cameras within the Pankrac Office, contact any of the Controller at the above-specified telephone number or email address.

ACCESS UNITS AND CAMERA SURVEILLANCE SYSTEM

The access units system consists of door communicators and card readers (or other means of identification) located at the entrance to the Pankrac Office and other spatially separated areas of the Pankrac Office. Access management is carried out through the Access Commander application operated by 2N on 2N’s own infrastructure

The camera surveillance system consists of several industrial cameras with recording to a storage device located in or at the entrance to the Pankrac Office, monitoring adjacent entrance and some indoor areas.

The plan showing the location of access units and cameras is attached to this Information as its Annex 1.

The monitored areas are always marked with an information board with the following message:

“OUTDOOR AND INDOOR PREMISES OF THE ESTABLISHMENT ARE MONITORED BY A CAMERA SURVEILLANCE SYSTEM.
INTERCOMS AND ACCESS UNITS ENABLING IDENTIFICATION OF PERSONS ENTERING ARE LOCATED IN THE PREMISES.”

TYPES OF PERSONAL DATA AND CATEGORIES OF DATA SUBJECTS

The Controller processes the following types of personal data (or only some of them):

• identification details of data subjects (name, surname); 
• business name;
• login card ID;
• fingerprint hash;
• Bluetooth identifier; 
• Audio record of data subject and/or
• data subject’s photo.

The Controller does not process any special categories of personal data within the meaning of Article 9 of the GDPR or personal data relating to criminal convictions and offences within the meaning of Article 10 of the GDPR.

The processing of personal data concerns persons entering the premises of the Pankrac Office (category of data subjects). These may include, for example, employees, co-workers or visitors to 2N.

LEGAL BASIS, PURPOSE AND DURATION OF PERSONAL DATA PROCESSING

The processing is necessary to protect the legitimate interests of the controller or a third party.

The purpose of personal data processing is:

• Increase of property protection (theft, burglary, vandalism),
• increase of personal safety,
• prevention of emergencies,
• obtaining evidence for the competent authorities (courts and the Police of the Czech Republic in the case of criminal offences, municipal authorities in the case of misdemeanours),
• obtaining material for dealing with insurance claims.

The camera surveillance system operates continuously. The access units system is activated by tapping an access card on the reader or using some other means of identification of the entering person (e.g. by pressing a finger against a fingerprint reader, pairing with the relevant mobile phone application, etc., according to the technology used and the operator of the given infrastructure.) Video recordings from cameras and intercoms are stored for the necessary period of time. They are then automatically deleted and overwritten by new recordings.

RECIPIENTS OF PERSONAL DATA

Controller may share personal data with certain third parties if necessary (e.g. with the centralised protection desk). An up-to-date list of other recipients will be provided by the Controller upon request.

The Controller may also share your personal data with legal counsels in order to protect the legitimate interests of the Controllers, as well as with prosecuting bodies, courts or authorities acting in public offence proceedings in accordance with the Controllers’ legal obligations. The Controller does not transfer personal data to third countries or international organisations.

SECURITY

The Controller shall ensure appropriate technical, control, security and organisational measures against accidental loss, destruction, alteration, unauthorised disclosure or access [to personal data]. Any access to personal data by authorised persons is allowed only in justified cases and is always properly recorded.

RIGHTS OF DATA SUBJECTS

• Right of access to personal data

You have the right to obtain information on whether your personal data are processed and, if so, you also have the right to gain access to your personal data. If you have any questions or requests concerning the processing of your personal data, you can contact the Controller by email at dataprotection@2n.com .

• Right to rectification of personal data

If you believe that the personal data we process are inaccurate or incomplete, you have the right to request their rectification or supplementation. In the case of processing of personal data in the form of an image record, the right to rectification does not apply.

• Right to erasure

If you request erasure of your personal data, we will erase your personal data if (i) they are no longer necessary for the purposes for which they were collected or otherwise processed; (ii) you object to the processing and there are no overriding legitimate grounds for the processing of your personal data; (iii) the processing is unlawful; or (iv) the legal obligation to process your personal data under European Union law or national law has ceased to exist.

• Right to restriction of personal data processing

Until any disputable issues concerning the processing of your personal data are resolved, you have the right to request restriction of processing of your personal data. Where processing has been restricted, your personal data may be processed, except for their storage, only with your consent or for the purpose of establishing, exercising or defending legal claims, for the protection of third-party rights or for reasons of an important public interest of the European Union or any Member State.

• Right to data portability

You have the right to obtain personal data concerning you which we process by automated means in a structured, commonly used and machine-readable format, and the right to transmit those data to another controller. However, if the exercise of this right would adversely affect the rights and freedoms of other persons, we will not be able to satisfy your requests.

• Right to object

You have the right to object to processing of personal data via above stated email address. Iin the event that we  fail to prove that there exist compelling legitimate grounds for personal data processing which override your interests or rights and freedoms, or that we need the processing for the establishment, exercise or defence of legal claims, we will terminate the processing on the basis of the objection without undue delay.

FURTHER IMPORTANT INFORMATION

We generally process your requests free of charge because it is important for us to keep you informed about the processing of your personal data. However, in the event of repeated or clearly unfounded requests for exercise of the above rights, we are entitled to charge a reasonable fee or refuse the exercise of the given right. We would inform you of such a procedure in due time.

If you wish to exercise any of your above rights, please contact us at dataprotection@2n.com.  We will respond to your questions and requests without undue delay.

Our activities as the Controllers are also supervised by the Office for Personal Data Protection; if you are dissatisfied, you can file a complaint with the Office. For more information, go to the Office’s website www.uoou.cz.

ANNEXES:

Annex 1 – Plan showing the location of access units and cameras (available on request)