General Data Protection Regulation (GDPR)

Company name: Rychetsky & Partners s.r.o
Registered office: Praha 1, Thunovská, 179/12, Postal Code 11000
ID: 09655522
Tel: +420 775 440 094

A. Introduction

Rychetsky & Partners s.r.o., ID No.: 28207572, with registered office in Prague 1, Thunovská Street
179/12, Postal Code 11000, file No. C 132764, maintained by the Municipal Court in Prague (hereinafter
referred to as the “Administrator”),
obtains personal data from job applicants (hereinafter referred to as “Candidate”) by sending
professional CVs.

The Administrator is a trading company that is engaged in, among other things, active job search
for Candidates who are individuals seeking employment. The administrator searches for
job positions not only for Candidates who do not have a job position at all, but also continuously
monitors the labour market in order to find vacancies for Candidates who are employed
jobs that could lead to professional development and improved working conditions

B. Personal data

In particular, the Administrator processes the following personal data about Candidates:
name and surname, photograph, date and place of birth, marital status, citizenship, gender,
earned degrees,contact details, including place of residence, education received,

the current state of the labour market and the experience, knowledge and skills, ideas and
the requirements of the job you are looking for and other items that are usually included in a CV (e.g.
certificates, courses, training personal interests).
As the Candidates’ CVs are not structured and content
uniform and it is at the Candidate’s discretion what personal data to include in his/her CV, it is not possible to
to establish in advance an exhaustive list of the data to be processed.
Information about your computer, including IP address, geographic location, browser type and version, and
operating system;
information about your visits to and use of this website, including the source of the referral, length of visit,
pages viewed and website traversal;
information such as the email address you provide when you register on our website;
information you enter when you create a profile on our website – such as your name, profile pictures, gender,
date of birth, status, interests and hobbies, education and occupation;
information such as your name and email address that you provide when you sign up for our email services
and/or newsletters;
the information you enter when using the services on our website;
information generated when you use our website, including when, how often and under what conditions you use
information that you submit to our website with the intention of publishing it on the internet, including your
username, profile pictures and the content of your post;
the information contained in any communication you send to us by email or through the website, including the
content and metadata itself;
any other personal data you send us.
Before you disclose another person’s personal data to us, you must obtain that person’s consent to both the
disclosure and processing of that personal data in accordance with this Policy.

C. Purpose and legal basis for processing

The controller processes personal data for the purpose of carrying out activities aimed at obtaining
job offers for the Candidate. Particularly in the context of the purpose of the previous sentence, the
Administrator is
authorised (a) to send personal data to the person requesting the job (especially the employer,
employment agency) matching the Candidate’s professional profile and at the same time (b) contact
The candidate is offered a position which, in his/her opinion, would be suitable for the person
Interesting candidate.
The controller processes personal data on the basis of consent to the processing of personal data,
granted to the Administrator by the Candidate and in connection with the performance of the legal obligations of
the Administrator,
as they are or may be provided for by Czech and/or EU law, or
if necessary to protect the rights and legal claims of the Controller under applicable law
regulations, or for the purposes of the legitimate interests of the Controller or other persons. Legitimate
interests may be in particular cases of protection of the rights and legal claims of the Controller.
Providing consent to the processing of personal data is always voluntary and the Candidate has
the right to withdraw their consent at any time, in whole or in part. Consent may be withdrawn at the following
e-mail address or by written notification sent to
the Administrator’s registered office.
From the date on which the withdrawal of consent is notified to the Controller, the Controller may process
data only to the extent that another legal ground for processing is provided, i.e. in particular in the performance
their legal obligations or for the purpose of protecting their rights and legal claims.

D. Further processing

The Controller is entitled to process personal data about Candidates for the purposes defined in
in the preceding paragraph and to fulfil this purpose.
Within the scope of fulfilling the purpose of processing, the Controller is entitled to process personal data
both automated and manual, including through designated processors. Personal data
are/will only be made available to authorised employees of the Controller or employees of
processor, and only to the extent necessary for the purposes of the processing and for the necessary period of
time. With
personal data processors, the Controller has a contractual relationship in which the Controller undertakes to
the processor to secure personal data and to ensure that personal data are not
used contrary to the purpose of their processing.
The controller shall oblige the subjects to whom personal data are provided pursuant to the preceding paragraph
Candidate data for the purpose of offering a job to a Candidate, to provide such personal data
kept only for as long as necessary, i.e. until the tender procedure is completed
for the position of the requested candidate.

E. Privacy Policy

All persons who come into contact with the personal data of clients in the course of performing their
employment or contractual obligations, are bound by legal or contractual
confidentiality obligations. The administrator shall take all technical and organisational measures to
ensuring the protection of personal data in the manner specified in the binding legal
regulations and to eliminate the possibility of unauthorised or accidental access to personal
data, their alteration, destruction or loss, unauthorised transmission, other
unauthorised processing as well as other misuse of personal data. This obligation applies
even after the processing of personal data has been completed.

F. Information on the rights of data subjects in relation to the processing of personal data
In addition to the above, the candidate has the following rights:

Right of access to personal data
The candidate has the right of access to personal data, which includes the following rights:
(a) obtain confirmation as to whether or not the Controller processes personal data,
(b) obtain information on the purposes of the processing, the categories of personal data concerned,
the recipients to whom the personal data have been or will be disclosed, the planned time
processing, the existence of the right to request the controller to rectify or erase personal data
concerning the Candidate or limitations on their processing or object to
this processing, the right to lodge a complaint with a supervisory authority, any available
information about the source of the personal data, if not obtained from the Candidate, the facts,
that automated decision-making, including profiling, on appropriate safeguards takes place
when transferring data outside the EU,
(c) to obtain a copy of the personal data where the rights and freedoms will not be adversely affected
of other people. In the event that the exercise of the right to a copy of personal data could, in relation to
certain categories of personal data adversely affect the rights and freedoms of third parties
persons, requests cannot be made in respect of these categories of data in accordance with the opinion of the
No 6/2013 for the protection of personal data.
Right to rectification of inaccurate data
The candidate has the right to have inaccurate personal data about him/her corrected by the Administrator
process. The candidate is also obliged to notify the Administrator of changes to his/her personal
Right to erasure
The candidate has the right to have the personal data concerning him/her erased unless the Controller proves
the reasons set out in the legal regulation for the processing of such personal data.
Right to restriction of processing
The candidate has the right to restrict the processing of personal data if:
(i) The candidate denies
the accuracy of the personal data, for the time necessary to enable the Controller to
verify the personal data; or
(ii) the processing is unlawful and the Candidate refuses erasure
the personal data and requests instead a restriction on its use; or
(iii) The Administrator has already personal
the data is not needed for the purposes of processing, but is required by the Candidate for the determination,
performance or
defending legal claims; or
(iv) The candidate has objected to processing until
it is not verified that the legitimate reasons of the controller outweigh the legitimate reasons

G. Right to portability of personal data

The candidate has the right to request from the Controller the personal data concerning him/her which he/she
has provided
Controllers and which are processed automatically in a structured, commonly used
and in a machine-readable format, and the right to request the transfer of such data to another controller,
provided that the person acting on behalf of the controller is duly designated and can be authorised.
In the event that the exercise of this right may adversely affect the rights and freedoms of
third parties, the request cannot be granted.
Right to object to the processing of personal data
A candidate has the right to object at any time on grounds relating to his or her particular situation
against the processing of personal data concerning him or her. The controller shall furthermore
shall not process unless it demonstrates compelling legitimate grounds for processing which
outweigh the interests or rights and freedoms of the Candidate, or for the determination, exercise or
defending legal claims.
Automated individual decision-making including profiling
A candidate has the right not to be subject to any decision based solely on
automated processing, including profiling, which would have legal effects on him or her; or
affected him in a similarly significant way. The Administrator represents that it does not
automated decision-making without the influence of human judgement with legal effects for
Right to apply to the Office for Personal Data Protection
The candidate has the right to contact the Office for Personal Data Protection (
If you are interested in any further information regarding the processing of personal data by the Controller
or if the Candidate wishes to exercise his/her data protection rights, he/she has
Candidate can contact the Data Protection Officer Lucie Boháčková, e-mail:

H. Disclosure of personal data

We may disclose your personal information to any of our employees, officers, insurance companies,
professional advisors, agents, contractors or subcontractors as reasonably necessary for the purposes set out in
this policy.
We may disclose your personal information to any member of our group of companies (i.e. our subsidiaries, our
ultimate holding company and any of its subsidiaries) as reasonably necessary for the purposes set out in this
We may disclose your personal information:
to the extent that we are required to do so by law;
in connection with any pending or future legal proceedings;
for the purpose of establishing, exercising or defending our legal rights (including providing information to
others to prevent fraud and reduce credit risk);
the purchaser (or prospective purchaser) of any business or assets that we sell (or are considering selling); and
to any person whom we reasonably believe may be required by a court or other competent authority to disclose
such personal data and where, in our opinion, such court or authority could order the disclosure of such personal
Except as set out in this policy, we will not disclose your personal data to third parties.

CH. International data transfers

The data we collect may be stored, processed and transferred between any of the countries in which we operate
for use in accordance with this Policy.
The data we collect may be transferred to the following countries that do not have data protection laws
equivalent to those in force in the European Economic Area: the United States of America, Russia, Japan, China
and India.
The personal information you post on our website or submit for publication on our website may be accessible
worldwide via the Internet. We cannot prevent others from using or misusing this information.

I. Retention of personal data

This section sets out our data retention policies and procedures to ensure that we comply with our legal
obligations to retain and delete personal data.
Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that
purpose or purposes.
Without prejudice to Article I 2, we delete personal data that fall into the categories set out below by the date
and time specified below:
personal data will be deleted on {ENTER DATE / TIME}; and
Notwithstanding any other provision of this Part, we will retain documents (including electronic documents)
containing personal data
to the extent that we are required to do so by law;
if we believe that the documents may be relevant to any pending or future legal proceedings; and
for the purpose of establishing, exercising or defending our legal rights (including providing information to
others to prevent fraud and reduce credit risk).

J. Security of your personal data

We will take reasonable technical and organisational measures to prevent the loss, misuse or alteration of your
personal data.
We will store all the personal data you provide on our secure servers (password protected and firewalled).
All electronic financial transactions entered through our website will be encrypted.
You acknowledge that the transmission of information over the Internet is inherently insecure and we cannot
guarantee the security of data sent over the Internet.
You are responsible for maintaining the confidentiality of the password you use to access our website; we will
not ask you for your password (except when you log in to our website).

K. Changes
We may update this policy from time to time by posting a new version on our website. You should check this
page from time to time to ensure that you understand any changes to this Policy. We may notify you of changes
to this Policy by email or through private messages on our website.

L. Your rights
You can instruct us to provide you with any personal information we hold about you. The provision of such
information will be subject to the following:
payment of the fee {ENTER FEE IF RELEVANT}; and
Presentation of the relevant proof of your identity ({ADJUST TEXT TO REFLECT YOUR POLICY For this
purpose, we usually accept a photocopy of your passport certified by a notary public and the original copy of
your utility bill showing your current address}).
To the extent permitted by law, we may refuse to provide the personal information you request. You can instruct
us not to process your personal data for marketing purposes at any time. In practice, you will usually either
explicitly agree in advance to our use of your personal data for marketing purposes or we will offer you the
opportunity to opt out of our use of your personal data for marketing purposes.
M. Third party websites
Our website contains hyperlinks to and details of third party websites. We have no control over and are not
responsible for the privacy policies and practices of third parties.
N. Data update
Please let us know if we need to correct or update any personal information we have about you.
O. Cookies
Our website uses cookies. A cookie is a file containing an identifier (a string of letters and numbers) that is sent
by the web server to the web browser and stored by the web browser. This identifier is then sent back to the
server whenever the browser requests the server to display a page. Cookies can be either “persistent” or
“session”. Persistent cookies will be stored by the web browser and remain valid until their expiry date, unless
they are deleted by the user before the expiry date. In contrast, session cookies expire at the end of the user’s
session when the web browser is closed. Cookies do not normally contain any information that uniquely
identifies the user, but the personal information we store about you may be linked to the information stored and
retrieved from cookies. {SELECT ACCURATE PHRASING We use only session cookies / only persistent
cookies / both session and persistent cookies on our website.}
The names of the cookies we use on our website and the reasons for using them are set out below:
We use Google Analytics and Adwords on our website to recognize your computer and {INCLUDE ALL USES
THAT COOKIES ARE USED FOR ON YOUR SITE when a user visits the website / track user movement on
our website / enable the use of the shopping cart on the website / improve website usability / analyze website
usage / administer the website / prevent fraud and improve website security / customize the website for each
user / target advertising, according to the individual interests of specific users / describe the reason(s)};
Most browsers allow you to refuse to accept cookies – for example:
In Internet Explorer (version 10), you can block cookies by changing the cookie handling settings available by
clicking on “Tools”, “Internet Options”, “Privacy” and then “Advanced”;
In Firefox (Version 24), you can block all cookies by clicking on “Tools”, “Options”, “Privacy”, then select
“Use custom history settings” from the drop-down menu and uncheck the “Accept cookies from websites”
checkbox; and
In Chrome (version 29), you can block all cookies in the “Customize and Control” menu, where you click on
“Settings”, “Show Advanced Settings” and “Content Settings”, and then select “Block sites from setting any
data” under the “Cookies” heading.
Blocking all cookies will have a negative impact on the usability of many websites. If you block cookies, you
will not be able to use all the features on our website.
You can delete cookies already stored on your computer – for example:
In Internet Explorer (version 10), you must delete cookies manually (instructions on how to do this can be found
in Firefox (Version 24), you can delete cookies by clicking on “Tools”, “Options” and “Privacy”, then selecting
“Use custom history settings”, clicking on “View cookies” and then clicking on “Delete all cookies”; and
In Chrome (version 29), you can delete all cookies in the “Customize and Control” menu by clicking on
“Settings”, “View Advanced Settings” and “Clear Browser Data” and selecting “Delete cookies and other site
and extension data” before clicking on “Clear Browser Data”.
Deleting cookies will have a negative impact on the usability of many websites.
This Policy is valid and effective as of 1 August 202