PRIVACY POLICY FOR BUSINESS PARTNERS

This Privacy Policy applies to the processing of all personal data of consumers, customers, suppliers, and business partners (“business partners”) by Zátiší Catering Group a.s., with its registered office at Novotného lávka 200/5, 110 00 Prague 1, ID No.: 15269574 (hereinafter referred to as the “Company”, “our Company”, or “we”).

This Privacy Policy does not apply to data related solely to business activities or to information about companies. Our Company acts as the data controller of the personal data of business partners.

This document explains who we are and for what purposes we process your personal data and other information about you. If you have any questions, please use the contact details provided at the end of this statement.

This Privacy Policy has been prepared in accordance with applicable legal regulations, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR). It has been effective since 25 May 2018, and the latest update was made on 15 May 2024.

This Privacy Policy may be updated from time to time. The current version is always published on our website. If significant changes are made, we will inform you accordingly.

PURPOSES OF PERSONAL DATA PROCESSING

Our Company processes your personal data when conducting business transactions with you, when you visit our websites or applications, or when you interact with us in another way.

A. Responding to your inquiries

If you contact us, we process your personal data to respond to your questions or requests.

For this purpose we process, based on your consent:

• your name

• contact details

• correspondence with us

• your inquiries

• other personal data necessary to respond to your request.

B. Development and improvement of products and services

We process personal data to evaluate, analyze, and improve our products and customer services.

We analyze customer behavior to adjust our services accordingly. When you use our websites or applications, we may process personal data to create analytical reports.

This may include:

• frequency of newsletter reading

• website visits

• pages you click on

• products and services you purchase.

We may also supplement our database with information from public sources.

For this purpose we process:

• contact data (address, email)

• personal data (name, date of birth)

• payment and credit information

• communication with the Company

• data generated when using our website

• technical data from your device (IP address, browser, visited pages, time spent on the website).

C. Evaluation and acceptance of customers, suppliers, or business partners

When you contact us, we may process your personal data to verify your identity and evaluate the possibility of cooperation.

We also process personal data for administrative purposes and verification against public registers.

For this purpose we process:

• contact details

• name and date of birth

• payment and credit information

• correspondence with our Company.

D. Conclusion and performance of contracts

If you purchase products or services from us, or cooperate with us as a supplier or partner, we process personal data for administrative purposes such as invoicing and payment processing.

Personal data may also be used for delivery, management of services, and customer support.

If Click to Pay is used for payment by card, the Company and the bank providing this service will process your personal data to execute the payment.

Data processed may include:

• name of cardholder

• email address or phone number

• payment information.

E. Relationship management and marketing

We use data stored in our customer database to send newsletters, offers, and updates.

We may also use personal data to conduct marketing research and improve our marketing strategy.

For these purposes we process:

• name

• address and email

• contact preferences

• payment information

• order history

• communication with the Company.

F. Business operations and internal management

Personal data may be processed as part of business operations, including:

• general management

• order management

• asset administration

• financial administration and accounting

• audits and internal checks

• dispute resolution

• archiving and insurance.

G. Organizational analysis and development

Personal data may be used to prepare reports and analyses for company management.

Aggregated or anonymized data may be used to evaluate business performance or prepare reports related to mergers, acquisitions, or company sales.

H. Use of our websites and applications

When you use our website, we process technical data to ensure its functionality and improve performance.

This may include:

• IP address

• browser type

• visited pages

• navigation behavior

• duration of visits.

I. Contact via social media

Our Company is active on platforms such as Facebook, Twitter, LinkedIn, and YouTube.

If you contact us via these platforms, we process personal data to respond to your messages.

J. Monitoring and compliance

We monitor our processes to ensure compliance with internal policies and legal regulations.

During monitoring activities, personal data stored in our systems may be reviewed.

K. Health, safety, and security

Personal data may be processed to ensure the safety and protection of employees, customers, suppliers, and partners.

This may include verifying access to company premises and protecting company property.

L. Compliance with legal obligations

In certain cases, we process personal data to comply with legal requirements such as tax regulations or obligations towards authorities.

Authorities may be granted access to personal data if required by law.

M. Participation in promotional activities

We may send invitations to promotional events or activities.

If you participate, personal data may be processed to organize and evaluate the event.

You may withdraw your consent at any time.

DATA RETENTION

Our Company retains personal data only for as long as necessary for business purposes or as required by applicable law.

After the retention period expires, personal data will be:

• securely deleted or destroyed

• anonymized

• archived if legally required.

WHO HAS ACCESS TO YOUR PERSONAL DATA

Within our Company, personal data may be shared between affiliated companies for administrative purposes.

Employees may access personal data only to the extent necessary to perform their duties.

Third parties that may access personal data include:

• banks

• insurance companies

• IT service providers

• accountants

• consultants.

All third parties process data in accordance with applicable legal regulations.

If personal data is transferred outside the EU, appropriate safeguards (such as EU standard contractual clauses) will be applied.

DATA SECURITY

We have implemented appropriate technical, physical, and organizational measures to protect personal data against loss, misuse, unauthorized access, or disclosure.

YOUR RIGHTS

You have the right to:

• access your personal data

• request correction or deletion

• restrict processing

• object to processing

• request data portability.

To exercise your rights, please contact us using the details below.

We may request additional information to verify your identity.

WITHDRAWAL OF CONSENT

You may withdraw your consent to personal data processing at any time.

Withdrawal does not affect the legality of processing performed before withdrawal.

COMPLAINTS

If you believe your personal data has been processed improperly, you may contact our Company or file a complaint with the supervisory authority:

Office for Personal Data Protection
Pplk. Sochora 727/27
170 00 Prague 7 – Holešovice
https://www.uoou.cz/

CONTACT

If you have questions regarding personal data processing, please contact us:

officecatering@zatisigroup.cz
marketing@zatisigroup.cz

Confirmation

I confirm that I have read this Privacy Policy and agree to the processing of my personal data for the purposes, scope, and methods described above.