EVENTS

GDPR

PRINCIPLES OF PERSONAL DATA PROCESSING

for Customers, Suppliers, Marketing Activities and Website Visitors

PRODUKCE BUDIL s.r.o., with its registered office at Svídnice 34, 289 01 Dymokury, Czech Republic, Company Identification No.: 22658297, registered in the Commercial Register maintained by the Municipal Court in Prague under file No. C 419267 (hereinafter referred to as the “Company” or the “Controller”), places great importance on the protection of personal data.

In accordance with Regulation (EU) 2016/679 (GDPR), the Company adopts these Principles of Personal Data Processing.

I. Data Controller

Controller: PRODUKCE BUDIL s.r.o.
Address: Svídnice 34, 289 01 Dymokury, Czech Republic
E-mail: produkce@budil.cz
Telephone: +420 724 703 750

II. Categories of Personal Data

Identification and contact data, contractual data, invoicing and payment data, communication data, website and cookie data, marketing data, recruitment data, and CCTV recordings.

III. Purposes and Legal Bases of Processing

Personal Data Category

Purpose of Processing

Legal Basis

Identification and contact data

Contract negotiation and conclusion

Pre-contractual measures

Contractual and delivery data

Performance of contracts

Contract performance

Payment and invoicing data

Accounting and tax obligations

Legal obligation

Marketing data (existing clients)

Direct marketing

Legitimate interest

Marketing data (consent)

Marketing communication

Consent

Recruitment data

Employee recruitment

Pre-contractual measures

CCTV recordings

Protection of property

Legitimate interest

IV. Retention Periods

Data Category

Purpose

Retention Period

Contractual and invoicing data

Accounting

5 years

Marketing data – legitimate interest

Direct marketing

5 years

Marketing data – consent

Marketing campaigns

Duration of consent

Recruitment data

Recruitment process

Until completion

CCTV recordings

Property protection

Max. 30 days

V. Recipients of Personal Data

Personal data may be disclosed to processors such as IT providers, accountants, legal advisors, carriers and marketing agencies, always based on data processing agreements.

VI. Rights of Data Subjects

The data subject has the right to access, rectification, erasure, restriction, data portability, objection, withdrawal of consent, and to lodge a complaint with the supervisory authority.

VII. Final Provisions

These Principles are effective as of 1 January 2026.