Česká spořitelna (ČS) finds privacy and personal data protection as one of
its primary duties; it uses personal data fully in compliance with the
applicable legislation. The following are the principles adopted to secure
confidentiality and security of your personal data.
We consider privacy and protection of personal data as our primary
obligation. We treat personal data exclusively in compliance with the
applicable legislation. We would like to present the following Principles that
explain all that we do to ensure the confidentiality and the security of your
personal data, as our clients.
The purport of this document is to provide you with information about the type
of personal data we collect and about the way we treat personal data, from what
sources we obtain them and for what purposes we use them, to whom we are
authorised to disclose them, where you can obtain information on your personal
data processed by us, and what are the individual security options for each
client of Česká spořitelna.
What personal data does Česká spořitelna collect?
Personal data used for accurate and unique client identification
(identification data) and personal data enabling contacts with the client
(contact data). Identification data include: name, surname, title, personal
identification number (if any), date of birth, permanent residence address, ID
card number, number of passport or other similar document; as for clients -
private individuals - entrepreneurs - it is also their VAT number and
company identification number. Contact data include in particular: client
contact address, phone/fax number, e-mail address, and other similar
Data necessary for Česká spořitelna to comply with its legal obligation to
perform its business activities in a prudent manner and without unnecessary
legal and material risks. The character and scope of the personal data depend
on the nature of the specific banking transaction or service provided to the
As regards the contractual relationship between Česká spořitelna and its
clients, the provision of personal data by clients is entirely voluntary,
however, it is a prerequisite for the execution of any business
transaction or the provision of any service.
Where from does Česká spořitelna obtain personal data?
From clients - when negotiating a specific business deal or service and
during their subsequent implementation.
From publicly accessible registers, lists and records (e.g.
the Commercial Register, Register of Trades, Land Registry, public
telephone directory, etc.).
From other entities if so stipulated by a special regulation (e.g. §
38a of The Banking Act No. 21/1992 Coll., or § 260 and 260g of the Civil
Procedure Code No. 99/1963 Coll., etc.).
From other entities, but only with the client's consent.
From other entities (e.g. from client information registers operated by
non-bank entities, such as LLCB, z.s.p.o. with registered office in Praha 4, Na
vítězné pláni 1719/4, postal code 140 00; the SOLUS Association, with
registered office in Praha 4, Antala Staška 510/38, postal code 140 00, etc.),
however, only with the client's consent.
For what purposes does Česká spořitelna use and process personal data?
For purposes relating to banking transactions and services, particularly to
evaluate banking transactions and/or service applications, and to secure all
other activities necessary for the implementation of such transaction or
For compliance with the obligations of Česká spořitelna arising from
special regulations (namely Act No. 21/1992 Coll., on Banks, Act No. 61/1996
Coll., on Some Measures against the Legalisation of the Proceeds of Crime,
For its own internal needs, especially to perform analyses and evaluations
of potential risks, to protect its rights and interests protected by law, to
monitor the quality of services and the satisfaction of clients, and to
optimise the provided services and products.
For business purposes, e.g. for the development of new products targeted at
the client's needs and at informing the clients about new products and services
of Česká spořitelna and its subsidiaries.
How does Česká spořitelna protect personal data?
Personal Data are under continuous physical, electronic and procedural
control; as Česká spořitelna has at its disposal up-to-date control,
technological, and security mechanism ensuring maximum possible protection
of processed data against any unauthorised access or transmission, against
their loss or destruction, as well as against any other possible forms of
All persons coming into contact with the personal data of clients while
performing their work duties or contractually assumed obligations are bound by
a non-disclosure obligation under the law or a confidentiality agreement.
Moreover, all client information is classified as a bank secret.
To whom does Česká spořitelna provide personal data?
To the state authorities or other entities to whom it is obliged to provide
such information under special laws (e.g. Act No. 21/1992 Coll., on Banks, Act
No. 61/1996 Coll. on Some Measures against the Legalisation of the Proceeds of
Crime, etc.), in particular to state administration bodies, courts, bodies
active in criminal proceedings, supervisory authorities, executors, public
notaries - judicial commissioners, etc.
To banks in the extent as determined by a special law - either
directly or through a legal entity specifically established to maintain the
Client Information Register (see § 38a of Act No. 21/1992 Coll., on Banks) -
and to the Information Database maintained by the Czech National Bank (Česká
To other entities if it is necessary for the protection of the rights of
Česká spořitelna, e.g. to insurance companies or insurance brokers in relation
to claims under insurance policies, to courts, court executors, auctioneers,
etc., whereas the extent of provided information is limited to data necessary
for the successful satisfaction of claims.
To specialized external organizations ("processors"), which do data
processing for Česká spořitelna pursuant to Personal Data Processing Contract
(see § 13 of Act No. 101/2000 Coll., on the Protection of Personal Data). Česká
spořitelna carefully selects such a processor that is able to provide maximum
guarantees with respect to the technical and organizational securing of the
protection of submitted personal data.
To companies operating within the Bank Group (the Bank Group comprises
subsidiaries of Česká spořitelna (members of the Financial Group of Česká
spořitelna), the company holding the decisive interest in ČS (Parent Company),
and companies, in which the Parent Company holds an interest exceeding 25% of
their registered capital, or a share exceeding 25% of the voting rights) for
business purposes, however, provided that it acquires the client's consent
therewith; up-to-date information on the members of the Bank Group is
accessible at all branches of Česká spořitelna and on the website of Česká
With the client's consent or at his/her own request, personal data can be
provided also to other entities.
What possibilities do clients have with regard to processing and use of
their personal data?
Except for cases as specified by the law, where personal data processing
does not require consent on the part of the client (see § 5 of No.
101/2000 Coll., on the Protection of Personal Data), Česká spořitelna processes
personal data exclusively with the client's consent. It is at the
client's discretion, whether or nor he/she wants to give his consent in
the extent as suggested by ČS or whether he/she wants to restrict it. Giving
consent is entirely voluntary and is not a precondition for the conclusion of
banking transactions. Unless agreed otherwise with ČS, the client may
notify ČS (during the existence of their business relationship) that he/she
wants to restrict, change or revoke his/her consent. Česká spořitelna is bound
by the extent of the consent given by the client and shall fully respect
Do clients have access to their personal data and what are the obligations
of Česká spořitelna?
The client may request information about his/her personal data used and
processed by Česká spořitelna at any of the bank's branches. Česká spořitelna
will generate such information in the extent as stipulated by law (see § 12,
Paragraph 2 of Act No. 101/2000 Coll., on the Protection of Personal Data)
without unnecessary delay and will forward it to the client personally, unless
expressly agreed otherwise with the client.
Česká spořitelna is entitled to compensation of the costs associated with
the provision of such information (see § 12 of No. 101/2000 Coll., on the
Protection of Personal Data). In the event of any violation of clients' rights
or the law as a consequence of personal data processing, clients may seek
remedy using all remedial measures available under existing legislation (see §
21 of the Act on Personal Data Protection No. 101/2000 Coll.). If the client
finds out or deems that his/her rights have been infringed or that the
obligations stipulated by law have been violated within the processing of
personal data on the part of Česká spořitelna or other entities processing such
data, the client may seek remedy of the same, while utilising all means
available under the applicable legislation (see § 21 of No. 101/2000
Coll., on the Protection of Personal Data). The client may contact the Office
for Personal Data Protection with his/her suggestions.
Where can clients get more detailed information and/or make objections to
personal data processing?
Clients can call 800207207 - a toll-free Help Line of the Financial Group of
Česká spořitelna at any time to receive answers to any questions they may have
regarding their personal data. Information about personal data processed by
Česká spořitelna may be requested at any of its branches. Clients who want to
make objections against personal data processing or revoke their prior consent
or change its extent shall proceed in one of the following ways:
Visit the nearest branch of Česká spořitelna
Use SERVIS 24 Telebanking or SERVIS 24 Internetbanking
Send an e-mail to: firstname.lastname@example.org, or call
a toll-free Help Line at 800207207
Call or send a written, fax or e-mail request to the Ombudsman Team:
Ombudsman Finanční skupiny České spořitelny Olbrachtova 1929/62
14000 Praha 4
How does Česká spořitelna inform about the principles and the
rules for personal data processing and protection
These Principles are published in the Information Book available to the
public at all branches of Česká spořitelna and on its website.
The rules of personal data processing and protection are explained to
clients each time they negotiate specific transaction or service; when entering
into their first contract with Česká spořitelna, clients are requested to
express their view regarding the Consent with Personal Data Processing as
proposed by Česká spořitelna. Clients are familiarised with the rules for
personal data processing and protection when concluding a business transaction
or within the provision of services, whereas clients are simultaneously
requested to express their view regarding the Consent with Personal Data
Processing as proposed by Česká spořitelna. These Principles also apply
reasonably to personal data processing by members of the Financial Group of