Personal Data Protection

This document explains how the law firm may collect and process your personal data and provides information about your rights with respect to processing of your personal data.

In compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, the General Data Protection Regulation (hereinafter referred to as the “Regulation”), JUDr. Jan David, attorney, at 110 00 Prague 1, Štěpánská 39, IN: 66466491, e-mail: david@akl.cz, phone: 296226612, is a controller of personal data (hereinafter referred to as the “Controller”).

The Controller processes personal data for the purposes of practicing his legal profession.

Personal data are mostly processed for the following legal reasons: the performance of the legal services agreement that can be concluded in writing or verbally and the fulfillment of statutory obligations arising from the legal profession andlaid down inlegal profession laws. The data subject – client - must provide his or her personal data based on the aforesaid agreement or statutory obligations.

Personal data may be provided in particular to an accountant, a tax consultant, an IT expert maintaining the Controller’s computer system (including other collaborators of the Controller), recipients based on the client’s needs and instructions and public authorities of the Czech Republic (e.g. courts or administration authorities) if necessary for the purposes of personal data processing. Personal data shall not be provided to recipients from third countries or international organizations.

Personal data shall be processed during the term of the agreement with the client; after the agreement is terminated, they shall be handled in compliance with effective laws, in particular Act No. 85/1996 of Coll., on the legal profession, and the Regulation.

No automated decision-making or profiling shall occur during the processing of personal data.

The client has the following rights: the right of access to personal data, which means that the client has the right to obtain from the Controller information as to whether or not his or her personal data are being processed, and, if it is the case, which personal data and how they are processed. The client also has the right to ask the Controller to immediately rectify his or her inaccurate personal data and to have his or her incomplete data completed at any time. Furthermore, the client has the right to erasure, which means that the Controller must erase his or her processed personal data provided that certain conditions are met and the client requests so. The client also has the right to ask the Controller to restrict the processing of her or her personal data in certain cases. The client has the right to object at any time to processing that is based on the legitimate interests of the Controller or a third party or is necessary for the performance of a task carried out in public interest or in the exercise of public powers. The right to data portability entitles the client to receive his or her personal data provided to the Controller in a commonly used and machine-readable format. The client has the right to transfer these data to another controller or, if technically possible, to ask the controllers to provide them to each other. The right to withdraw the consent to processing personal data at any timedoes not apply if the client’s personal data are processed due to the performance of an agreement executed with the client or due to fulfillment of a legal obligation and not based on the client’s consent to such processing. More information about the client’s rights is available on the web site of the Office for the Protection of Personal Data (https://www.uoou.cz/6-prava-subjektu-udaj/d-27276).

In the case that the client is dissatisfied with the processing of his or her personal data carried out by the Controller, he or she may file a complaint against the Controller or contact the Office for the Protection of Personal Data.