Privacy & Cookie Settings

Personal Data Processing

This document provides information on personal data processing by Prague Stock Exchange, a.s., with its registered office at Rybná 14/682, 110 05, Prague 1, ID No.: 47115629 (hereinafter “PSE”), relating exclusively to the operation of the Prague Stock Exchange Arbitration Court founded by the PSE. Information on personal data processing in other cases can be found at https://www.pseac.org/en/privacy-and-cookie-settings.

We protect your data. We consider our client’s privacy and the protection of their personal data as a primary obligation.

We handle personal data solely in compliance with valid legislation. In this document, we introduce the principles that clarify what we do to ensure the confidentiality and security of the personal data that is processed and provide information on the rights relating to personal data processing. This document is aimed at providing information on the personal data we collect, how we handle such data, the sources from which we obtain such data and for what purposes we use them, to whom we are allowed to provide such data and where you can obtain information on the personal data we process.

Data Controller

Prague Stock Exchange, a. s., the founder of the Prague Stock Exchange Arbitration Court, is the controller of the personal data that you provided to the PSE or your personal data that the PSE obtained (see the chapter Source of Personal Data below) to fulfil one or several purposes. The PSE collects the data, disposes thereof and is liable for its due and legal processing. You can exercise your rights with the controller in the manner specified below.

You can contact the controller or its data protection officer with queries concerning personal data processing; the contact data of the administrator and the data protection officer is available in the Contacts tab.

Basic Principles of Personal Data Processing

We follow, in particular, the following principles when processing personal data:

  • when processing personal data, we fulfil all obligations imposed by legal regulations;
  • when processing personal data, we act fairly and transparently and exert our best efforts to restrict the purposes and extent of personal data processing to the necessary minimum;
  • we exert our best efforts to ensure that the data subject’s rights and freedoms are not infringed and that the data subject is protected against unauthorised interference with its private and personal life;
  • we have implemented an information security management system pursuant to the ČSN ISO/IEC series 27000 standard (“Information Technologies – Security Techniques – Information Security Management Systems”).

Scope of Personal Data Processing

We only process such data that enables us to fulfil our legal obligations and contractual undertakings and to protect our legitimate interests.

We particularly collect data concerning participants in arbitration proceedings and our arbitrators. Depending on the situation, we also process data on representatives, including members of statutory bodies and employees of the participants in the proceedings. We process your basic personal data and data from our communication and interaction, as well as other data, so that the scope of such data is reasonable, relevant and restricted to the necessary extent with regard to the purpose for which we collect and process your data.

Our main activity in connection with personal data processing is the resolution of disputes and the administration of arbitration proceedings; see below a complete list of the purposes for which we process your data, including a specification of the data processed for the given purpose.

Personal Data Category Purpose of Processing
  • arbitrators’ identification data and contact details (name, surname, address, phone, email, birth registration number, bank account, data box ID)
fulfilling obligations of the permanent arbitration court according to the legal regulations – legal obligations (administration of proceedings, storing arbitration awards, possible review of a decision by a court), fulfilling agreements (fulfilling obligations under the Exchange Arbitration Court)
  • data on the participants in arbitration proceedings and their representatives (name, surname, address, phone, email, birth registration number, data provided in the arbitration proceedings)
fulfilling obligations of the permanent arbitration court according to the legal regulations – legal obligations (administration of proceedings, storing arbitration awards, possible review of a decision by a court), fulfilling agreements (fulfilling obligations under the Exchange Arbitration Court)
  • identification data and contact details of contractual partners (in particular, name, surname, ID No., VAT No., phone numbers, emails, data box IDs, bank accounts, addresses, ID card numbers),
fulfilling agreements, legitimate interest (in the event of dispute resolution)
  • electronic means of communication used for authentication and authorisation when accessing our systems, websites and mobile applications (digital signatures, certificates, usernames, SMS codes, notifications, serial numbers, MAC addresses) and records of their use,
fulfilling obligations according to the legal regulations (administration of proceedings, legal obligation to secure data and to identify the person acting)
  • records of activity in our systems, devices and applications (log identification details, monitoring applications and systems),
fulfilling legal obligations (administration of proceedings, legal obligation to secure data), legitimate interest (optimising the availability of services)
  • audio recordings of the proceedings of the arbitration court, including the speeches of the arbitrators and participants in the proceedings and their representatives,
legal obligations (Civil Procedure Rules)
  • identification details of persons entering the controller’s premises (visits, participants in the proceedings and their representatives, arbitrators, etc.) and video recordings of such persons via camera systems monitoring the premises used by the controller,
legitimate interest (ensuring the security of the premises and protecting property)
  • cookies
legitimate interest (website operation)

Purposes and Duration of Personal Data Processing

We process your personal data to the necessary extent for the relevant legal purpose or to fulfil contractual obligations. We process certain data since it is necessary to protect the rights and interests of our company or to fulfil the rights and obligations arising from agreements.

The purposes of processing include the following categories:

1)    without the data subject’s consent:

  • fulfilment of the obligations laid down by the law – personal data processing is necessary for such purposes as such data processing is laid down by the law or any other generally binding legal regulation; such regulations include in particular the following:
    • Act No. 216/1994 Sb., on Arbitration Proceedings and on the Enforcement of Arbitration Awards;
    • Act No. 164/2013 Sb., on International Cooperation in Tax Administration;
    • Act No. 563/1991 Sb., on Accounting;
    • Act No. 235/2004 Sb., on Value Added Tax;
    • Agreement No. 72/2014, Collection of International Agreements, between the Czech Republic and the United States of America on Improvement of Compliance with Tax Regulations in an International Scope;
    • Commission Implementing Decision (EU) No. 2016/1250, on the Adequacy of the Protection Provided by the EU-U.S. Privacy Shield.

The PSE processes personal data for such purposes for the necessary period while taking into account requirements for legally defined archiving periods of data retention.

  • Performance of contractual relationship – personal data processing is necessary for the due fulfilment of the rights and obligations arising for the controller from contractual relationships. The controller processes personal data for this purpose throughout the contractual relationship.
  • Controller’s legitimate interest – personal data processing is necessary for this purpose (such as physical protection of the controller’s premises, dispute resolution and protection and enforcement of the controller’s rights, management and collection of claims or the collection of data on job applicants to assess their suitability and compare their applications (CVs)). The controller processes personal data:
    • for the purpose of “dispute resolution and protection and enforcement of the controller’s rights, management and collection of claims” throughout the contractual relationship and until the period stipulated by the statute of limitations arising from the fulfilment of rights and obligations expires on the basis of the relevant contractual relationship.
    • for the purpose of “physical protection of the controller’s premises” for the time necessary to protect the controller’s interests.
    • for the purpose of “collection of data on job applicants” for the duration of the selection procedure.

2)    with the data subject’s consent:

  • for other purposes (such as for marketing purposes, etc.).

The data that you provide to us with your consent is provided voluntarily. If the data is processed with your consent, such consent is granted for the time stated in the consent.

In most cases, the data is processed for several legal reasons which may be in effect concurrently or follow each other.

Source of Personal Data

Depending on the situation, we process data that we received from participants in arbitration proceedings, arbitrators, entities with which we have concluded an agreement, data from publicly available sources and registers, lists and records (such as the Commercial Register) and data from third parties if a special regulation so stipulates.

Method used for Personal Data Processing

The PSE processes personal data by automated means and manually.

Disclosing Personal Data to Third Parties

In principle, we process personal data within our company. We only provide the data to third parties with your consent or if it is stipulated by law. Where it is necessary to achieve any of the above-mentioned purposes, in particular, if the relevant external entity has attained the necessary professional and expert level in the relevant area, your data may be processed by cooperating contractors.

  • The PSE passes the personal data of participants in the arbitration proceedings and arbitrators on to courts when the outcome of the proceedings is reviewed by a court, to enforcement authorities when an enforcement order is issued and to legally authorised government authorities on the basis of their requests (law enforcement, courts, tax authorities, notaries).
  • The PSE processes personal data through its own employees as the personal data controller or through its suppliers. The PSE shall ensure technical, organisational and personnel measures that lead to a high level of protection and personal data security. If we commission another person to perform certain activities that constitute a part of our services, the supplier may have access to the relevant personal data. The supplier is entitled to handle personal data solely for the purposes and to the extent to which it is contractually authorised to do so by the PSE. In such an event, your consent to the performance of the activities is not required since such processing is allowed directly by law. Where we use cloud storage sites, a high level of data security is ensured. Suppliers include, in particular, the following:
    • external IT service providers,
    • providers of cloud storage services,
    • entities collecting our claims,
    • companies and persons providing legal services,
    • companies providing data and document archives,
    • providers of printing and postal services,
    • reception and security service providers.
  • We may disclose your personal data to recipients and processors in third countries if the legal conditions are met (e.g. compliance with international tax cooperation obligations). In these cases, the same protection of your personal data is guaranteed by contractual and legal regulation as in the case of the PSE.

Data Subject’s Rights

We process your data transparently, fairly, correctly and in accordance with the law. You have the right to access your data and a right to explanation, as well as other rights if you believe that the processing is not correct. You may also submit a complaint to the Office for Personal Data Protection. You can exercise your rights in the relevant company from our group with which you have a relationship.

You can contact the controller or its data protection officer with queries concerning the processing of personal data; the contact data of the administrator and the data protection officer is available in the Contacts tab. You can also contact the controller in writing at its address, which is also listed in the Contacts tab.

Right of access to personal data and right to be informed – you are entitled to access your personal data, in particular, the information on the processing of your personal data, without prejudice to third-party rights. For repeated requests, we may request reasonable compensation for providing the information, which must not exceed the costs necessary for the provision of the information.

Right to personal data correction – if your personal data is incorrect or inaccurate, you may request the correction of such data. It is possible to request the completion of incomplete data, taking into account the purposes for which the data is processed.

Right to removal – you are entitled to have your personal data removed if our processing is unauthorised or if your consent to its processing has been revoked.

Right to raise an objection – should the controller breach its obligations concerning the collecting or processing of personal data, you are entitled to request that the controller provides an explanation of such conduct, refrains from such conduct or remedies the relevant situation.

Right to file a complaint with the supervisory authority – you are entitled to file a complaint with the supervisory authority (Office for Personal Data Protection, https://www.uoou.cz/en/) if you believe that the processing of your personal data violated its protection.

Other rights – you have the right to restrict the processing and the right to data transferability under the conditions laid down by law.

Here are some practical tips:

You don’t wish to, or cannot, provide us with your personal data. – You can refuse to provide us with the personal data we request. However, if the provision of such data is mandatory according to the law, we cannot provide you with the related service.

Do you wish to revoke your consent? – You may withdraw your consent at any time in those cases where we have requested your consent to carry out the data processing. Revoking your consent is without prejudice to the processing of your data for the period for which your consent has been validly given or to the processing of your data for other legal reasons, where applicable (e.g. compliance with legal obligations or for the purposes of our legitimate interests).

Do you wish to restrict marketing?

If you gave us your consent for marketing or if you receive newsletters from us for any other rightful reasons, you may revoke your consent at any time or you may unsubscribe from our newsletters in the following manners:

  • the possibility of cancelling the newsletters is incorporated directly in our newsletters;
  • if you no longer wish us to call you, please inform us during a telephone conversation;
  • you can inform us at our registered office or in writing that you no longer wish to receive our newsletters.

If you wish to restrict or revoke your consent to data processing for marketing purposes, please fill in this document and send it to us at info(a)pse.cz. You may also change the settings of your consent at some of our electronic gateways.

Please note that if you restrict marketing, we may still contact you for servicing purposes, and therefore we may use your contact data to send you service messages and for purposes other than marketing.

Visitors to our website may revoke their consent to the processing of cookies in the manner stated below.

Cookie Settings

What are cookies and why do we use them?

This website uses cookies to enhance your comfort and to improve your browsing experience.

A cookie is information that is stored on your device as a small data file whenever you visit a website. Each time you visit the same server, the browser sends such data back to the server. They are used by most websites. Cookies are commonly used to differentiate individual users and help to remember their activities and preferences for a certain period of time so they do not have to re-enter them when they return to the site or go from page to page, thus making web browsing easier and more enjoyable. Information from cookies can also be used for targeted advertising and statistical evaluation of visitor behaviour. Cookies can never be used by third parties to identify visitors. Further information on this topic is available at https://www.aboutcookies.org.

Users may opt into or out of the cookies. This may be changed at any time and can be done directly via your browser settings. Further information is provided below.

What types of cookies are used on the website?

Our website collects cookies from our website and cookies from external services.

Our cookies:

Name Expiration who can access the information Description
prague_stock_exchange_session 2 hours cookies from our website to identify the browser’s connection to the server
XSRT-TOKEN 2 hours cookies from our website to secure web forms and to ensure protection against robots, misuse and theft of data entered into the form
cookie-bar visit cookies from our website for the acceptance of cookies on the website by the user

These cookies are functional cookies, i.e. if you block their use in the browser settings, the functionality of the website may deteriorate significantly.

We do not use cookies for the processing of personal data and our own targeted ads based on their analysis, for the processing of which it is necessary to ensure your consent.

Third-party Cookies:

Some of our sites show content from external providers, e.g. YouTube, Twitter, Facebook and LinkedIn. These services also use cookies. These cookies are managed by third parties, and we do not have access that permits us to read or write the data stored in such cookies, nor can we set their expiration. We do not have control over them. They are mainly systems for analysing traffic and offering content from social networks. In order to view such third-party content, you must first accept their terms and conditions. This includes their cookie policy, over which we also do not have any control and which may change at any time.

Service Description and link to the provider’s detailed information
GoogleAnalytics Website traffic analysis. A website analysis tool from Google which stores cookies in your browser in order to make a report on the behaviour of the users of the site. The IP addresses of website visitors are anonymised, i.e. these cookies detect how you interacted with our website – as an anonymous user.

https://policies.google.com/terms?hl=en&gl=be

https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage

https://support.google.com/analytics/answer/2763052

DoubleClick,
Adsense
Measuring the effectiveness and implementation of online marketing campaigns (advertising). The tool helps to view personalised advertising based on users’ behaviour on the website.

https://support.google.com/ads/answer/7395996

https://policies.google.com/technologies/partner-sites

Facebook Displaying content from the Facebook server and evaluating the viewing of such content by visitors to the website.

https://www.facebook.com/policies/cookies

LinkedIn Displaying content from the LinkedIn server and evaluating the viewing of such content by visitors to the website.

https://www.linkedin.com/legal/user-agreement

Twitter Displaying short messages from the Twitter server and from the PSE’s Twitter account and evaluating the viewing of such content by visitors to the website.

https://twitter.com/en/tos#intlTerms

YouTube Displaying videos from the YouTube server and evaluating the viewing of such content by visitors to the website.

https://www.youtube.com/t/terms

Can I influence the processing of cookies?

You can delete or block cookies from your computer at any time. Further information is available at https://www.aboutcookies.org.

Deleting Cookies

You can delete cookies in your browser, usually in the search history settings or the history of pages visited. However, keep in mind that it can also mean that you will lose some of the stored information (e.g. saved login passwords, personalisation of some websites, etc.).

Management of Cookies from Specific Websites

If you want to perform a more detailed check on cookies from specific websites, use the privacy and cookies settings in your browser.

Blocking Cookies

Browsers can be set to prevent the use of any cookies on your device. However, you may need to adjust some preferences on some websites manually each time you visit.

Google Analytics Opt-out

You can prevent Google Analytics from storing cookies by installing the Google Analytics Opt-out browser extension (https://tools.google.com/dlpage/gaoptout).

How can you check or change cookie settings in different browsers?

Here you will find information for settings in specific browsers:

Browser Instructions for a given browser
Chrome https://support.google.com/accounts/answer/61416?co=GENIE.Platform%3DDesktop&hl=cs
Opera https://help.opera.com/cs/latest/web-preferences/
Firefox https://support.mozilla.org/cs/kb/rozsirena-ochrana-proti-sledovani-ve-firefoxu-pro-

https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop

Internet Explorer, Edge https://support.microsoft.com/cs-cz/topic/odstran%C4%9Bn%C3%AD-a-spr%C3%A1va-soubor%C5%AF-cookie-168dab11-0753-043d-7c16-ede5947fc64d
Safari https://support.apple.com/cs-cz/guide/safari/sfri11471/mac