Information on an individual’s rights arising from the GDPR


The company RESPILON E-commerce s.r.o., Company ID No.: 091 65 967, with registered office at Příkop 843/4, Zábrdovice, 602 00 Brno, acting as a legal person registered in the Commercial Register administered by the Regional Court in Brno, Section C 117619, with Mr. Roman Zima as its appointed representative (hereinafter only as the “Company”).

The Company considers the protection and confidentiality of personal data very important. That is why the Company, in our role of a controller, inform you about what personal data the Company processes, how it is used, and what the legal basis for it is.

The Company processes and uses your personal data in accordance with the Czech law (mainly with Act No. 110/2019 Coll., on personal data protection and on amendments to certain acts (hereafter only as the “Act”), further in accordance with the law of the EU, (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereafter only as the “GDPR”). The complete version of the GDPR is available at

The GDPR Regulation requires the Company, as data controllers, in particular to inform employees, customers, clients, suppliers and other persons affected by the processing of personal data, about the collection, processing and use of data, and to inform them of their rights in this area. The Company therefore informs you about your general rights in connection with the processing of your personal data. 


  1. What are personal data

Personal data are any information which are related to an identified or identifiable natural person. An identifiable natural person is a natural person which can be directly or indirectly identified, especially by reference to an identifier such as a name, an identification number, location data, an online identifier or one of several special characteristics, which expresses the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.


The Company usually processes basic data about you:

  • name and surname;
  • degree;
  • home address;
  • date of birth;
  • birth certificate number. 

These data are necessary for our Company, and they are necessary for the performance of the Company’s legal obligations.

 Other personal data which the Company processes:

  • your phone number;
  • your e-mail address;
  • documents with identification (your ID, your passport, your driver’s license);
  • your bank account number;
  • your marital status;
  • your education;
  • your portrait;
  • your place of birth;
  • your ID number;
  • your driver’s license number;
  • your passport number;
  • your place of residence;
  • your place of birth;
  • your age;
  • your IP address;

and other data.

Now, the editing of your data can be done by you personally, or, anytime after a sufficient verification of your identity via an e-mail address

This processing of data is based on Art. 6 (1) (b) and (c) of GDRP and is necessary for the performance of the Company’s legal and contractual obligations.

  1. How long the Company store your personal data

Your personal data will be stored for the time necessary to meet all our legal obligations. This time period is usually between 3 and 10 years.

  1. When the Company can provide other parties with your personal data

Upon lawfully made requests by a judicial or an administrative body it is possible to provide them with your personal data in cases which are defined by existing law. 

  1. The Company uses the services of data processors

The Company uses data processors in order to provide services to the customers and to process your personal data. The data processors process your data only as instructed by the Company and in compliance with applicable personal data protection law. All data processors have been thoroughly selected and they will have access to your personal data only for a scope of time necessary for providing services only for the period of time necessary to provide services, or for a scope of time which was authorized by you. 

  1. Security

Your personal data is secured by the Company by means of implemented technical and organizational measures in order to achieve maximum protection against unauthorized access to your data in particular. All protective elements are being continuously updated according to the current state of the art.

  1. How we use cookies

When you visit the RESPILON website, it will automatically put one or more cookies on your computer. We primarily use these cookies to achieve better browsing experience for the user and to personalize our services. You can get detailed information here.

  1. Your rights

8.1 Right to access the information, Art. 15 GDPR

You have the right to obtain information regarding your personal data which the Company has stored, about their origin, the recipients or categories of recipient to whom the personal data have been disclosed, and about the purpose of why the Company has stored the data. If you make a request to obtain a copy of the personal data undergoing processing, the Company can charge reasonable administrative costs for providing you with the copy, unless provided in electronic form.

8.2 Right to withdraw your consent

If you have given a consent to process your personal data, you can withdraw anytime without stating the reason, but the withdrawal of consent shall not affect the lawfulness of processing resulting from the consent given before its withdrawal. To withdraw your consent, please send a signed withdrawal by mail in writing to the Company’s address. The withdrawal will not apply to the data which are necessary for the performance of the Company’s legal obligations.

8.3 Right to a correction of incorrect personal data, Article 16 GDPR

If any of your personal data stored by the Company are not accurate or incorrect, you have the right to a correction by the Company. 

8.4 Right to the deletion of your personal data and the right to limit the data processing, Article 17 GDPR

With regard to your personal data processed by the Company, you have the right to deletion of the data and to limit their processing. To obtain the deletion from the Company, you have to send a written and signed request by mail to the Company’s address. After receiving your request, your personal data will be usually erased immediately, or within one month at the latest. To erase your personal data or to limit their processing is possible only in the case where the personal data are no longer necessary for the reason why they have been collected, or where the deletion is the legal obligation of the Company. Nevertheless, the right can be rejected in individual cases.

If the deletion is not in compliance with legal, contractual, tax, and corporate obligations, or if the deletion is unlawful, it will not take place, instead only the limitation of processing your personal data will take place. After the deletion of your personal data, it is no longer possible to provide you with access to personal data. Personal data that could not be deleted due to the existence of a legal obligation to store them will be blocked for your safety.

8.5 Right to data portability, Article 20 GDPR

If you ask to receive your personal data, the Company will transmit those data to you or to another controller designated by you in a structured, commonly used and machine-readable format. The Company will transmit the data to the designated controller only if possible in terms of technology. 

  1. Right to file a complaint with a relevant supervisory authority, Article 77 GDPR

If you wish to lodge a complaint, please, send your written complaint to the Company’s address. In addition to that, if you believe that your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority.

If you believe that your rights arising from GDPR have been violated, you also have the right to lodge a complaint with an EU supervisory authority or with a supervisory authority of an EU member state. Detailed information on the supervisory authorities can been found on the website of the European Commission 

  1. Right to object to the processing of your personal data, Article 21 GDPR

You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data with a future effect, unless the processing is necessary for the performance of a task carried out in the public interest (see Art. 6 (1) (e), (f) of the GDPR). If you object, the Company will verify the legitimacy of your objection, and if your objection is legitimate, the Company will stop any further processing of your personal data. 

  1. Photographs and video recordings

The Company publishes photographs and video recordings of events organized or co-organized by the Company in the press, in electronic media, on its websites and other sites on the Internet, in the media, etc. The published photographs and video recordings can include the image and voice of you or your children, including other manifestations of personality. The Company always aim to make it impossible to determine your identity, and the Company does not want to interfere in any way with your privacy. If you are still interested at this point, you can ask the Company for information about photos and videos stored with the Company, their origin, the way they were published, and you have the right to request restrictions on their publication, their deletion or the deletion of the photo or video from the public source. It is sufficient to send a written request by mail to the Company's address. 

The Company will also reply electronically to the questions asked electronically, unless you have requested a different form in your question. Information and notifications relating to the GDPR are provided free of charge. Only in the case of clearly illegitimate or excessive requirements will the Company be entitled to claim any compensation for the costs incurred. After the receipt of the request for information, the request will normally be processed immediately, no later than within one month. That period may be extended by further two months if the complexity, frequency of applications or quantities of accompanying documentation require so and the need to trace them back requires so. The Company will inform you of any extension of the deadline within one month after the receipt of your request, stating the reasons for the delay. If the Company does not respond to your request, it will inform you of this within the same time limit, stating the relevant reasons and informing you of the possibility to lodge a complaint with the supervisory authority or competent court.


In Brno on August 1, 2021 

On behalf of RESPILON E-commerce s.r.o.
Roman Zima
executive director