Privacy Notice
This Privacy Notice (hereinafter referred to as „Notice“) was published by Aisa International. s. r. o., ID 28224981, held at the Municipal Court in Prague, file C, 133603, with its registered office in Pitterova 2855/7, Žižkov, 130 00 Praha 3 (hereinafter referred to as “Company”), as an administrator of personal details that the clients and potential clients entrusted the Company with. This Notice is effective as of 1st January 2021 and valid until adjusted.
This document explains how does the Company use the personal data that collects from its Customers and potential Customer, in compliance with Act no. 110/2019 Coll., on Processing Personal Data and Regulation (EU) No. 2016/679 of the European Parliament and the Council of 27th April 2016 (Hereinafter referred to as “GDPR”).
What information do we collect?
We process information about you when you become our client in the field of financial planning or financial advice, mortgage, investment and insurance products. Not all services are available in all countries, we will explain to you what services are available in your country
Categories of personal data processed by the Company:
- Identification detail
- Contact details
- Information on sources and the total amount of income
- Data serving for assessment of needs and suitability
- Health data and retirement age
Furthermore, the Company also performs the Customers inspections in terms of Act no. 259/2008 Coll, §9, on certain measures against anti-money laundering and terrorism financing. In the terms of Act no. 256/2004 Coll., on trading at the capital market, the Company keeps records or certain communication with Customer and potential Customer.
We can also collect information when you voluntarily complete client surveys and provide feedback to us through our online system Money-Trove (hereinafter referred to as “Trove”).
Information about connected individuals
We may need to gather personal information about your close family members and dependants in order to provide our service to you effectively. In such cases, it will be your responsibility to ensure that you have the consent of the people concerned to pass their information on to us. We’ll provide a copy of this privacy notice for them if we are also providing services to them or, where appropriate, ask you to pass the privacy information to them.
Why do we need to collect and use your personal data?
Processing your personal data by the Company is based on the following legal reasons:
- Performance of the contract concluded between the Company and you as a client. This legal reason is applied to process the data and information that are essential for proper and responsible providing services according to a contract that you have concluded with us. Furthermore, this reason is applied to process personal details during the negotiation that lead to the contract conclusion between you and the Company.
- Meeting the Company´s legal obligations as a personal data administrator. Concerning the fact that we provide services in strictly regulated areas, we must meet various obligations to ensure the legality of our business. It also includes obligatory to process your personal details, for example, to prevent anti-money laundering and terrorism financing, protection of the consumer and accounting.
- Company´s legitimate interests. Our legitimate interest is, for example, a protection of our legal interests in case of judicial, administrative, arbitration and other proceedings or optimization of our web services and instruments and associated user interaction analysis.
- Your consent. We need your consent, for example, when we intend to process your personal data for marketing purposes or when you entrust us with a special category of personal details (e.g., health details) to set our cooperation and arrange suitable products.
How do we use information about you?
We always gather such amount of your personal details that are essential to achieve the intended purpose of their processing. The purposes of your personal data processing include:
- Handling communication with clients, potential clients and the public;
- Evaluation of client´s requirements for our services (in particular, assessment of data gathered within the initial negotiation of the future cooperation
- Concluding a contract with a client on the provision of our services and subsequent performance of the contract;
- Anti-money laundering and terrorism financing;
- Meeting obligations set to protect the user (meeting the information obligation, assessment of clients´ creditworthiness, allowing a client to exercise his rights);
- Meeting Company´s obligations as legal and economic subject (obligation to keeping records, archive, tax and accounting obligations, information obligation towards the supervisory authorities and institutions);
- handling claims, requirements and complaints;
- clients´ data records in case of disputes, administration and other procedures;
- optimizing instruments used when providing our services;
- sending information about the Company´s service, activities and other information related to its activity;
- monitoring of Customers´ feedback in order to improve our services.
Who might we share your information with?
In order to provide our services effectively, we may share your personal details with the following subjects:
- our tied agents with whom we have a contractual relationship and who are directly involved in our services mediation and provision;
- suppliers of products and services that we mediate for you in compliance with the contract;
- providers of compliance, accounting or legal services;
- providers of IT services, instruments and resolutions that we use to provide our services;
- authorities or institutions supervision our activities (Czech National Bank, Financial Analytical Office, Financial Arbitrator etc.).
Furthermore, we may share your personal data with affiliated subjects within the AISA trademark companies for internal administrative purposes (assessment of risk and conflict of interest, reporting, handling claims) or for purpose of sending important information on Aisa group functioning. Your personal data are not shared with third countries.
We do not share your personal data with any subjects outside the Aisa group for marketing purposes.
Where third parties are involved in processing your personal data (so-called processor), we ensure the performance of mutual obligations to your personal data protection on the basis of the contract in compliance with principles of trustworthiness and our written instructions.
To transit your personal data to third parties, the Company uses appropriate security measures to protect your personal data in transit. Entire data sent to third parties are encrypted and password protected. Entire data in Trove are safely encrypted and access to the system is two factors authenticated.
In certain cases, based on by law defined conditions and applicable legal regulations, we are obliged to send your personal data to the public authorities and law enforcement authorities.
How long do we keep hold of your information?
The Company keep hold of your personal data for the time required concerning their purpose and respect the time limits set by legal regulations. We keep the personal data gathered in order to perform the contracts for the maximum period of 6 years after our relationship with you terminated considering the time limits to employ potential claims. The e-mail communications are usually deleted after 1 year except for those related to the personal advisory. We keep data processed on basis of consent for the period of 3 years since the consent was given. Certain data related to accounting (e.g., billing details) must be stored for the period of 10 years since the relevant financial year ended.
You have the right to request the deletion of your personal data. We will assess this request and will accommodate it if no legal regulation or any other legal reason will not prevent the deletion.
How can you access the information we hold about you?
You have the right to request a copy of the personal information that we hold about you. If you would like a copy of some or all of your personal information, please or write us using the contact details noted below. Where appropriate, we will provide this information in a digital format.
When your data is processed by automated means, you have the right to ask us to move your personal data to another administrator designated by you.
The Company is obliged to ensure that your personal data is accurate and up to date. Please ask us to correct or remove any information that you think is incorrect.
Your rights related to personal data protection
Besides rights described above in this Notice, you have the following rights under Articles 15 to 22 of GDPR regulation:
- right to access personal details, i.e., right to require confirmation whether the particular personal details are processed by the Company, as well as to provide additional information related to performed processing;
- right to have the personal details corrected, if you assume they are not complete or correct;
- right to have the personal details deleted (“right to be forgotten”), if the details are no longer necessary for the intended purpose or if other legal preconditions are met;
- right to limit the processing of personal data, i.e., to issue an order to the Company to limit data processing to storing them only until the issue for which the restriction occurred is resolved;
- right to data portability, i.e., right to ask the Company to transmit your personal details to another administrator, if possible and feasible;
- right to object to processing performed on the basis of the administrator´s legitimate interests.
Automated decision making and profiling
If you use Trove, your personal information is gathered by entering them into the system – automated tools and mechanisms are used for their processing. If you are unsure about the outcome of the automated process, you may contact us to discuss or challenge the outcome and require a remedy.
We take measures to ensure the security of your data by following best practices and technical standards including encryption and separate databases held on private servers with full security and regular anti-heck checks or random data loss.
We do not use any special category database, e.g., your health data, in an automated process unless it´s strictly necessary to deliver our service and we have obtained your explicit consent to do so.
Marketing
We would like to send you information about our products and services and those of other companies in our group which may be of interest to you. If you have agreed to receive marketing information, you may opt out anytime, without any sanctions. You can either reach us at the contacts mentioned below or unsubscribe from the newsletter by clicking the relevant link in the delivered message. You can also withdraw your agreement to share your information with other Aisa group members.
Cookies
What are cookies?
Cookies are small text files that are used to store small pieces of information. They are stored on your device when the website is loaded on your browser. These cookies help us make the website function properly, make it more secure, provide better user experience, and understand how the website performs and to analyze what works and where it needs improvement.
How do we use cookies?
As most of the online services, our website uses first-party and third-party cookies for several purposes. First-party cookies are mostly necessary for the website to function the right way, and they do not collect any of your personally identifiable data.
The third-party cookies used on our website are mainly for understanding how the website performs, how you interact with our website, keeping our services secure, providing advertisements that are relevant to you, and all in all providing you with a better and improved user experience and help speed up your future interactions with our website.
Types of Cookies we use
Manage cookie preferences
You can change your cookie preferences any time by clicking the above button. This will let you revisit the cookie consent banner and change your preferences or withdraw your consent right away.
In addition to this, different browsers provide different methods to block and delete cookies used by websites. You can change the settings of your browser to block/delete the cookies. Listed below are the links to the support documents on how to manage and delete cookies from the major web browsers.
Chrome: https://support.google.com/accounts/answer/32050
Safari: https://support.apple.com/en-in/guide/safari/sfri11471/mac
Internet Explorer: https://support.microsoft.com/en-us/topic/how-to-delete-cookie-files-in-internet-explorer-bca9446f-d873-78de-77ba-d42645fa52fc
Right to lodge a complaint with a supervisory authority
We will be pleased to resolve your entire requests and initiatives. If you are still not happy with the results, you may lodge a complaint with a supervisory authority, that is Úřad pro ochranu osobních údajů – Personal Data Protection Authority (Pplk. Sochora 27, 170 00 Praha 7, tel.: +420 234 665 111, web: https://www.uoou.cz/).
How to exercise own rights and contact us
If you have any questions related to our Notice or information that we hold about you, please contact us by e-mail at
Or in writing at Štítného 202/35, 130 00 Praha 3, Česká republika.
Information about the Data Protection Officer (DPO):
Name: James Pearcy-Caldwell
Contact: