I. INTRODUCTION
The individual members of the association SOLUS, interest association of legal entities, ID No. 693 46 925 (hereinafter also “SOLUS” or “the association SOLUS”) have a common interest in participating in The Register of natural persons of the association SOLUS (also referred to as the “Register FO”), The Register of Legal entities and Entrepreneurs (also referred to as the “Register IČ”), The Positive Register of the association SOLUS (also referred to as the “Positive Register”), or The Register of Creditworthiness of the association SOLUS (also referred to as the Register of Creditworthiness) in which data on clients of individual member companies of the association SOLUS are processed, both for natural persons (entrepreneurs and non-entrepreneurs) and legal entities. The primary purpose of the Register FO, the Register IČ, Positive Register and the Register of Creditworthiness is to inform members of SOLUS about consumer (entrepreneur) identification data and about matters that relate to creditworthiness, payment morale and credibility.
Data from other types of contractual relationships are recorded in the Register of Third Parties of the association SOLUS, for which there is separate Instruction on the Register of Third Parties.
The Register FO, the Register IČ and the Positive Register are, within the meaning of Section 20z of the Act no. 634/1992 Coll., On Consumer Protection, as amended, databases containing data of consumers and, where appropriate, other entities, on matters of their creditworthiness and credibility.
The Register of Creditworthiness is, within the meaning of Section 88 of the Act no. 257/2016 Coll., on Consumer Credit, a database used for mutual information of credit providers on debt data that indicate the consumer´s creditworthiness. The legal basis for the processing of clients’ personal data in the Register of Creditworthiness is (i) fulfilment of legal obligations of creditors in case that a consumer credit is provided to a natural person, (ii) the legitimate interests of creditors in case that a non-consumer credit is provided to a natural person, in particular the interest to provide credit products only to creditworthy and trustworthy clients, (iii) legal authorization for the processing of social security number in case it is necessary for the enforcement of private law claims or for the prevention of emergence of unpaid debts.
II. THE SCOPE OF PROCESSED PERSONAL DATA IN THE REGISTER FO AND THE REGISTER IČ
Within the Register FO and the Register IČ are besides identification data information (name, surname, personal identification number or identification number and address) processed the data on the extent and nature of breach of the contractual obligation by the client, the result of which is the existence of a financial claim in delay of at least two instalments in the amount of at least 500 CZK or the existence of any financial claim in the amount of at least 500 CZK of the member company for the client for more than 30 days after maturity, the nature of the obligation from which that obligation arises and the subsequent payment discipline of the client. The Register FO and the Register IČ are therefore so-called negative registers.
Therefore, personal data of the client who did not violate the contractual obligations towards the member company are not processed within the Register FO and the Register IČ. Within the Register FO and the Register IČ, there are processed no so-called special categories of personal data within the meaning of Article 9 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter “GDPR“), for example, data concerning health.
A sum of the above mentioned data from all member companies (resp. those member companies against which the client has committed a breach of contractual obligation) together with other publicly available data about the client obtained for the relevant purposes (especially the data of the client contained in the Insolvency register, maintained pursuant to Act No. 182/2006 Coll., Insolvency law) and data on statistical evaluations of creditworthiness and credibility of the client create so-called Information file of the Register FO resp. Information file of the Register IČ.
Data on natural persons are processed in the Register FO, data on natural persons – entrepreneurs and legal entities are processed in the Register IČ.
III. THE SCOPE OF PROCESSED PERSONAL DATA IN THE POSITIVE REGISTER AND THE REGISTER OF CREDITWORTHINESS
Within the Positive Register and The Register of Creditworthiness, besides the identification data (name, surname, date, place and country of birth, gender, nationality, birth registration number, ID number, addresses and information about identity documents), the following data on clients are processed:
The so-called special categories of personal data within the meaning of Article 9 of the GDPR are not processed in the Positive Register nor the Register of Creditworthiness (e.g. data concerning health etc.).
The sum of the above mentioned data from all member companies (resp. from those member companies with which the client entered the contract negotiations) together with other publicly available personal data about the client obtained for the relevant purposes (especially the personal data of the client contained in the Insolvency register maintained pursuant to Act No. 182/2006 Coll., Insolvency law) and data on statistical evaluations of creditworthiness and credibility of the client create so-called Information file of the Positive Register or Information file of the Register of Creditworthiness.
IV. IDENTIFICATION OF ENTITIES OR PERSONS WHO MAY HAVE ACCESS TO PERSONAL DATA PROCESSED IN THE REGISTER FO, REGISTER IČ, POSITIVE REGISTER AND THE REGISTER OF CREDITWORTHINESS
Data Controller of the Register FO, Registry IČ,Positive Register and the Register of Creditworthiness: association SOLUS, interest association of legal entities, ID No. 693 46 925, with registered office at Prague 4 – Krč, Antala Staška 510/38, Post Code 140 00.
Data processor of the Register FO, Register IČ, Positive Register and the Register of Creditworthiness: Společnost pro informační databáze, a.s., ID No. 261 18 513, with registered office at Prague 4 – Krč, Antala Staška 510/38, Post Code 140 00, (hereinafter also “SID”). Based on the written contract between the administrator and the users of the SOLUS registers, the SID will provide services related to the mutual information of creditors about the creditworthiness, credibility and payment morale of their clients and / or service seekers.
User of the Register FO: individual members of the association SOLUS who have concluded a contract with SOLUS and SID on the processing of data within the FO Register.
User of the Register IČ: individual members of the association SOLUS who have concluded a contract with the SOLUS and SID on the processing of data within the Register IČ.
User of the Positive Register: individual members of the association SOLUS who have concluded a contract with SOLUS and SID on the processing of data within the Positive Register.
User of the Register of Creditworthiness: individual members of the association SOLUS who have concluded a contract with SOLUS and SID on the processing of data within the Register of Creditworthiness.
The current list of SOLUS members is available on the website of SOLUS: www.solus.cz.
Other entity involved in the processing of data: the processor (SID), in order to ensure the maximal security of the processed data, may use services of another person in processing (so called technical processor) on the basis of a written contract between the processor and the technical processor. The technical processor processes the data contained in the relevant register, while the client’s personal data being encrypted. The technical processor does not have the key to decrypt the encrypted data and therefore will not have access to the names, surnames, and birth numbers of clients and / or applicants.
At the date of publication of this document, i.e. 21st September 2023, the technical processor of the Register FO, the Register IČ, the Positive Register and the Register of Creditworthiness is Global Payments Europe, s.r.o., ID No. 270 88 936, with registered office at Prague 10, Strašnice, V Olšinách 80/626, ZIP 100 00.
V. DESCRIPTION OF FUNCTIONING OF THE REGISTER FO, REGISTER IČ, POSITIVE REGISTER AND THE REGISTER OF CREDITWORTHINESS
The Register FO, Register IČ, Positive Register and the Register of Creditworthiness are common databases of data created on the basis of information provided by members of SOLUS about their client portfolio and, in case of Positive Register, about their potential clients requesting their service.
The information (data) contained in the Register FO, the Register IČ and the Positive Register are regularly updated (at least once a month) by the users of the SOLUS registers and they are kept for the mutual information of the individual members of the association SOLUS.
Information (data) on contractual relationships with clients is provided by individual members of the association SOLUS to SID, which further processes these data (itself or through the so-called technical processor).
SID will make the information thus processed (data) available, in case of Register FO,Register IČ and the Register of Creditworthiness in the form of reports upon request to individual members of SOLUS using the Register FO, the Register IČ, the Positive Register or the Register of Creditworthiness, solely for the purpose of preventing fraudulent behaviour and assessing ability and willingness of the consumer (entrepreneur) to fulfil his contractual obligations (assessment of creditworthiness, payment discipline and credibility).
The importing of personal data into the Positive Register of SOLUS by one of the creditor entities does not automatically mean that this data will be freely accessible to other members of the association SOLUS – other members of SOLUS will need the demonstrable consent of the relevant client to ask for the data contained in the Positive Register of SOLUS.
In the Register FO and in the Register IČ, the data are processed for the period of the client’s delay with the payment of his / her obligations and 3 years after the end of the delay; in the case of electronic communications services and energy supply services for the period of the client’s delay with the payment of his / her obligations and one year after the end of the delay.
The personal data indicating that the loan was approved or withdrawn will be processed in the Positive Register for the duration of the contract and 3 years after its termination; in the case of electronic communications services and energy supply services for the duration of the contract and one year after its termination. If the time of the duration of the contract exceeds 10 years, individual payment history data older than 10 years will be liquidated. If the application for a loan has been revoked or refused, the Positive Register stores personal data for a maximum of three months.
In the Register of Creditworthiness, data are processed for the period of the client’s delay with the payment of his/her obligations and 3 years after the end of the delay. The personal data indicating that the loan was approved or withdrawn will be processed in the Positive Register for the duration of the contract and 3 years after its termination. If the time of the duration of the contract exceeds 10 years, individual payment history data older than 10 years will be liquidated. If the application for a loan has been revoked or refused, the Register of Creditworthiness stores personal data for a maximum of three months.
VI. DECLARATION ON SAFETY OF PROCESSED DATA
The high level of security of processed data (including communication), which is ensured within all SOLUS registers, prevents unauthorized or accidental access to information (data) contained in any of Registers of SOLUS, their modification, destruction or loss, unauthorized transmissions, their unauthorized processing, as well as other misuse of the processed information.
Basic safety features:
The use of modern technologies regarding the operation of the system and the security of the transfer and storage of data of SOLUS members client’s and contractually defined relationships and guarantees minimize the risk of misuse of information.
VII. INSTRUCTION ON RIGHTS OF THE DATA SUBJECT (NATURAL PERSONS)
If you find or believe that any SOLUS member, SOLUS, SID, or other entities involved in the processing of data in any Register of SOLUS (i.e. the relevant controllers or processors) processes your personal data that is inconsistent with the protection of your privacy or contrary to law, especially if your personal data is inaccurate, you may:
If your request is found to be legitimate, the relevant entities are required to immediately remove the defective condition. If your request to correct inaccurate or incorrect data contained in the register is not resolved immediately, the operator will block the data in question until the request is resolved. The operator blocks it in such a way that it is temporarily prevented to provide the data from the register that has been affected by the consumer’s request. Instead of such data, the seller or operator maintaining the register will provide information that the data is blocked.
If the data kept in the register is subject of a dispute between you and the member company, where such a dispute is subject of a court, administrative or arbitration proceeding in which no final judgment has yet been given on the merits or an out-of-court settlement of the consumer dispute, the member company is obliged to note this fact in the register on your request.
If the relevant controller or processor does not comply with your request or if you believe that processing of your personal data is not lawful, you have the right to contact the Office for personal data protection (www.uoou.cz) with a request for remedy.
You can expressly in writing disagree with SOLUS processing your personal data in the Positive Register. In such a case, the operator will remove all records relating to your person from the register without undue delay and take steps to prevent further records relating to your person from being entered.
VIII. CUSTOMER SERVICE
Information about the association SOLUS: www.solus.cz or telephone line 222 368 707, which is charged as a fixed line call within your tariff. The operation of this line is on working days (from Monday to Friday) from 8:00 a.m. to 16:30 p.m. This telephone line is operated by Společnost pro informační databáze, a.s.
Customer Service of the association SOLUS provides its clients with the following services:
SOLUS has appointed a Data Protection Officer, who is available at poverenec@solus.cz or in writing at the address of the Association.
IX. NOTICE
IMPORTANT: DATA FROM OTHER TYPES OF CONTRACTUAL RELATIONSHIPS ARE RECORDED IN THE REGISTER OF THIRD PARTIES OF THE ASSOCIATION SOLUS, FOR WHICH THERE IS SEPARATE INSTRUCTION ON THE REGISTER OF THIRD PARTIES.
Instruction on SOLUS registers in PDF.