Data protection
1. Introductory Provisions
1.1. The purpose of this document is to inform the data subject about the processing of their personal data, including the specific purposes, scope, and duration of the data processing.
1.2. The Controller processes personal data provided by the Customer through the contact form, by making a reservation, or by entering into and fulfilling contracts. This includes the Customer's name, surname, date of birth, academic title, permanent address, identification document and visa numbers, bank details, email address, and phone number. It also includes data arising from communication between the Customer and the Controller (both written and electronic communication), as well as information about the Customer's behaviour on the company's website www.eliojet.cz obtained from cookies if cookies are enabled in the web browser.
2. Controller
2.1. The Controller of personal data is Elio Jet a.s., Company ID: 196 45 601, with its registered office at Walterovo nám. 329/3, Jinonice, 158 00 Prague 5, registered in the Commercial Register maintained by the Municipal Court in Prague, Section B, Insert 28322.
2.2. Contact details for inquiries regarding personal data, for submitting complaints, objections, or for exercising rights are as follows:
- e-mail: legal@eliojet.com
- Postal address: Walterovo nám. 329/3, Jinonice, 158 00 Praha 5
3. Purposes of Personal Data Processing
3.1. Processing of personal data for the purpose of concluding and fulfilling contracts, complying with legal obligations, and for the legitimate interests of the Controller
The processing of personal data for the purpose of concluding and fulfilling contracts (flight bookings), complying with the Controller's legal obligations, and protecting the legitimate interests of the Controller related to the services it offers and provides. Without providing data for these purposes, the Controller would not be able to provide services. Consent from the Customer is not required for the processing of personal data for these purposes. However, the Customer has the right to object to the processing of personal data for the purposes of the Controller’s legitimate interests.
The Controller processes personal data to the extent necessary to fulfil these purposes and for the duration necessary to achieve them or for the period specified by legal regulations. Subsequently, personal data is deleted or anonymized.
The Controller is authorized to process in its database the basic personal, identification, and contact details of the Customer and the data from communication between the Customer and the Controller for a period of 3 years from the date of termination of the contract. Accounting documents (invoices) issued by the Controller are archived for 10 years from their issuance (according to § 35 of Act No. 235/2004 Coll., on Value Added Tax). Due to the obligation to document the legal reason for issuing accounting documents (invoices), the Controller also archives contracts concluded between the Controller and the Customer for a period of 10 years from the termination of the contract.
3.2. Processing of Personal Data for the Purpose of Performing the Controller's Marketing and Commercial Activities
If the Customer gives consent, their personal data are processed for the purpose of performing the Controller's marketing and commercial activities, specifically through follow-up contact and the creation and sending of offers by the Controller. Direct marketing activities include:
- Sending targeted and relevant information about news, events, product and service offers, by all means including electronic means
- Sending catalogs and commercial communications by all means including electronic means
- Conducting simple segmentation (profiling) – which means selecting appropriate offers based on the Customer's activity, previous orders made, paid orders, the subject's request, their age and gender, and identified preferences
The legal basis for processing for this purpose is the subject's consent. This consent remains valid for a maximum period of ten years and then expires or until the Customer withdraws it. Without consent, only in cases where the Controller processes the contact details of its Customers due to its legitimate interest for the purpose of direct marketing. In such cases, the Customer has the right to object.
4. Cookies
Cookies are short text files that a website sends to the browser. They allow the website to record information about the Customer's visit, such as preferred language and other settings. If you have cookies enabled in your web browser, Eli Jet a.s. processes records of the Customer's behavior on the controller's website for the purpose of improving the operation of the controller's website, and also for direct marketing. Saving cookies can be disabled in the settings of the web browser. Disabling cookies may make some functions of the website unavailable. For more information, please refer to the Cookies section.
5. Withdrawal of Consent, Objections, and Complaints
The consent granted by the Customer to the Administrator may be revoked at any time by sending such a written declaration to the email ADDRESS or to the address Walterovo nám. 329/3, Jinonice, 158 00 Prague 5.
If the processing is based on legitimate interest, the Customer may object to it. Submitting objections to processing for the purpose of direct marketing means terminating such processing upon delivery of such objection. For other processing purposes, objections will lead to a review of the validity of the objections and providing the Customer with information on the handling of these objections. Objections may be submitted via email to ADDRESS or to the address Walterovo nám. 329/3, Jinonice, 158 00 Prague 5.
If the Customer believes that the Administrator is not complying with legal regulations or has other objections regarding the processing of personal data, they may file a complaint via email at ADDRESS or to the address Walterovo nám. 329/3, Jinonice, 158 00 Prague 5.
The Customer may file a complaint with the Office for Personal Data Protection at any time.
6. Customer Rights Regarding Personal Data Protection
Right to Access Personal Data:
The customer has the right to know what data the Controller processes about them, for what purpose, for how long, where the Controller obtains personal data, to whom it is transferred, who else processes it besides the Controller, and what other rights and obligations are related to the processing of personal data.
Right to Rectification or Completion:
If the customer discovers that their personal data processed by the Controller is inaccurate or incomplete, the customer has the right to have the Controller correct or complete it without undue delay.
Right to Erasure:
The customer has the right to have their personal data erased by the Controller, provided that one of the following reasons applies: (i) the personal data is no longer necessary for the purposes for which it was processed by the Controller, (ii) the customer withdraws consent for the processing of personal data for which the customer's consent is essential, and the Controller has no other reason to continue processing this data, (iii) the customer exercises their right to object to the processing of personal data, which the Controller processes, and the Controller finds that it no longer has any legitimate interests justifying this processing, and/or (iv) the customer believes that the processing of personal data carried out by the Controller is no longer in accordance with the applicable laws. This right shall not apply if the processing of the customer's personal data is still necessary to fulfill the Controller's legal obligations or to establish and exercise the Controller's legal claims.
Right to Restriction of Processing:
The customer may also exercise the right to restrict the processing of personal data, ensuring that such data are not subject to any further processing operations. The Controller must restrict the processing of personal data when the customer disputes the accuracy of personal data (until they are corrected), etc. For the duration during which the Controller assesses the validity and legitimacy of the objection, they are obliged to restrict the processing of your personal data.
Right to Object to Processing:
The customer has the right to object to the processing of personal data carried out for the legitimate interests of the Controller. If it concerns marketing activities, the Controller will cease processing the customer's personal data without further ado; in other cases, it will do so unless it has compelling legitimate reasons to continue such processing, or for the establishment, exercise, or defense of legal claims.
Right to Lodge a Complaint:
Exercising the rights outlined above does not affect the customer's right to lodge a complaint with the relevant supervisory authority, which is the Office for Personal Data Protection, located at Pplk. Sochora 27, 170 00 Prague 7. If the customer believes that the Controller is engaged in unauthorized or otherwise faulty processing of their personal data, they should first contact the Controller.
In Prague 1. 5. 2024
Elio Jet a.s.