Information on the processing of personal data

General Data Protection Regulation. It is a regulation given by the legislation of the European Union. And the goal? Protect EU citizens, and therefore you, against the unauthorized use and misuse of their personal data.

GDPR applies to companies, institutions and individuals who work with personal data. At Fidoo, it concerns individual employees, suppliers, but above all our clients who share their data with us.

• Especially those that relate to the offer and provision of our services. In short, it is the data that is in the contracts and contractual documentation, or those that you enter into the Fidoo application when ordering services and complying with legislative requirements.

  To be really specific. These are the data you give us to conclude the Framework Agreement and the data necessary to set up access to the Fidoo application or order a Fidoo card. That is, name, surname, date of birth, residence, proof of identity, telephone and e-mail.

Sometimes, the processing of personal data results directly from the contract, from the law or from our legitimate interests. Then there are the times when we need your free consent for processing: If we want to call you, send an e-mail or text message and we need to introduce you to new services. For your peace of mind (and the protection of the interests of both parties), we record telephone calls. We always know exactly what we (didn’t) talk about.

As if they were our own! Automatically and manually and with an emphasis on maximum safety. That is why we rely on control, technical and security mechanisms.

• Right from you. Namely: At the conclusion of the Framework Agreement and during its duration and performance. Also in the provision and implementation of services through our website, web and mobile application Fidoo. We also have information from the Contractual Documentation and other forms, from joint phone calls, e-mails and meetings. We also have information from other people, from our own activities and from publicly available registers. The use of Fidoo cards is also a source of personal data.

Entities for which this is required by law. This category includes, for example, the Czech National Bank, tax administrators and the Financial Analytical Office.

We pass on the data necessary for payment services to the providers of these services. That is, payment card issuers, payment and settlement system operators. secure payment gateway providers and financial institutions that ensure account management and transactions.

This is for a longer talk. So all right:

Personal data are most often processed for the duration and fulfillment of contractual and non-contractual obligations (hereinafter referred to as the contract). When the contract expires, personal data is further processed to protect your and our rights and interests. Alternatively, the interests of third parties. And for the time that is absolutely necessary.

The necessary time is determined by the limitation periods set by the Civil Code or the contract. They vary according to the type of obligation or law to which the data relate. We must then keep the information contained in some documents for as long as we are bound by binding legal regulations. This applies in particular to accounting, taxes, labor law or archiving under a special law.

Our activities are also subject to special sectoral regulation: documents relating to payment services must be kept for at least 5 years, documents relating to the identification of persons for the fight against money laundering and terrorist financing even for 10 years.

Direct Fidoo has deadlines for storing documents and data in internal regulations. When you give us consent, processing takes place until the consent is revoked, unless otherwise stated directly with the consent. Of course, you can revoke the consent at any time to end the processing.