Privacy Policy

ESA s.r.o. (ESA) values the protection of your personal data. This privacy statement sets out how your personal data will be used and processed by ESA in compliance with the General Data Protection Regulation no. 2016/679 (GDPR) which takes effect from May 25, 2018.

ESA will be the data controller in respect of your personal data for the purposes of data protection legislation. The purpose of this privacy statement is to explain to how your data will be collected, processed, transferred and retained and your rights in respect of such data.

1. Company details
ESA s.r.o. 
Head office: Oldřichova 158, Kladno – Dubí, PSČ 272 03
Company ID: 463 51 141, Tax ID:CZ46351141
Registered by Městský soud v Praze under the no. C 11538

2. What personal data do we collect?
There are various purposes for which ESA collects and processes your personal data. ESA collects and processes contact details in the context of its service provision to business contacts, including:
- Title (e.g. Mr, Mrs..)
- Full name
- Job title
- Business addresses
- Business mobile telephone number
- Business e-mail addresses
This data is processed for the following purposes:
- to contact you;
- to be able to process your application;
- to be able to implement an agreement;
- to process your order and inform you about its progress.

3. What will we use this data for?
ESA collects and stores the data described above in order to process your data. We do not pass on personal data to other parties with whom we do not have a process agreement. We make the necessary agreements with these parties (processors) to ensure the security of your personal data.
Furthermore, we will not provide the information you provide to other parties, unless this is legally required and permitted.
We will store your personal data in our Customer Relationship Management (CRM) Systems. We may allow employees or affiliates of ESA, including Hitachi Transport System Ltd. to access your personal details stored in these systems.

4. Justification of processing data
The GDPR is founded upon specific principles on which the detailed obligations and restrictions are built. In summary, personal data must be:
- processed lawfully, fairly and transparently (“lawfulness, fairness and transparency”)
- collected for specified, explicit and legitimate purposes (“purpose limitation”)
- adequate, relevant and limited to what is necessary (“data minimisation”)
- accurate and kept up to date (“accuracy”)
- stored for no longer than is necessary (“storage limitation”)
- appropriately secured (“integrity and confidentiality”)
There are three grounds most likely to be relevant to processing data within ESA:
1.    the individual has given their consent to the processing;
2.    the processing is necessary for the performance of a contract;
3.    the processing is necessary for the purposes of the legitimate interests of the data controller.

5. Your rights regarding data as a data subject
As a data subject you have rights set out in data protection legislation which may exercise by contacting ESA via the contact details addressed in sec. 8. Your rights in relation to your personal data include the right to:
- request access to any personal data
- revent the processing of your personal data for direct-marketing purposes
- ask to have inaccurate personal data amended
- have your personal data erased
- object to automated processing or profiling which produces legal effects
- receive personal data held about you in a commonly used, machine-readable format

6. Technical and organizational measures
We have taken appropriate technical and organizational measures to protect your personal data against unlawful processing, for example we have taken the following measures:
- all persons who are able to access your data on behalf of ESA are obliged to maintain their confidentiality
- we use a username and password policy on all our systems
- we ‘pseudonymise’ and ensure the encryption of personal data if there is reason to do so
- we back up the personal data in order to be able to recover it in the event of physical or technical incidents
- we regularly test and evaluate our measures
- our employees have been informed about the importance of the protection of personal data

7. Retention periods
ESA does not store personal data longer than necessary for the purpose for which it was provided or required by law.

8. Complaints
Questions, comment and requests regarding this privacy notice are welcomed and should be addressed to 

Editorial system WebEditorial - NETservis s.r.o. © 2019

     Web map      RSS service      XML Sitemap