Personal data

The main personal data protection policy in OICT:

  • legality, correctness, transparency - the administrator must process personal data on the basis of at least one legal reason and transparently in terms of the subject of the data
  • limitation of purpose - Personal data must be collected for certain and legitimate purposes and must not be processed in an incompatible manner with these purposes
  • data minimization - the requested Personal data must be appropriate and relevant to the purpose for which they are processed
  • accuracy - Personal data must be accurate
  • limitation of storage - personal data should be stored in a form that allows the subject to be identified only for the necessary period of time for the purposes for which they are processed
  • integrity and confidentiality - technical and organizational security of personal data must be provided

Advise on the right of the data providing subject:

The data providing subject has the right to be informed about the processing of his/her/their personal data. This means the right to certain information about the processing of his/her/their personal data processing so that, above all, the principle of transparency of processing is met. This includes information about the purpose of the processing, the identity of the administrator, his/her legitimate interests, and the information about recipients of the personal data. In this case it is a passive right as the activity towards the data subject must be put forth by the administrator so that the information required in accordance with the general Regulation is provided or made available by the data subject.

A complete list of information provided by the administrator in the collection of personal data can be found in Articles 13 and 14 of the General Regulation. The General Regulation formally distinguishes the provision of information obtained from the data subject, or the provision of information not obtained from the data subject. The right to information is the equivalent to the right to the processing of information provided for in Section 11 of the current Act No. 101/2000 Coll., On the Protection of Personal Data.

Other data subject's rights, which are often based on the data subject's (application) activity, include

  • the right of access to personal data,
  • the right to correction, or supplementation,
  • the right to delete,
  • the right to limit the processing,
  • the right to data portability,
  • the right to object,
  • the right not to be subject to automated individual decision making with legal or similar effects, including profiling.

Contact details providing access to agendas and processes for which the OICT acts as an administrator or processor:

Operátor ICT, a.s. (JsC)

Dělnická 213/12
170 00 Prague 7
CID No.: 02795281, TI No.: CZ02795281

Data box: 3xqfe9b

Contact details of the administrator handling personal data used for the issuance of Lítačka (OICT is the processor of the Lítačka card):

Prague City Council

Mariánské nám. 2
Prague 1, 11001

Contact details of DPO (Personal Data Protection Officer) of the OICT:

DPO, Personal Data Protection Officer

Operátor ICT, a.s. (JsC)

Dělnická 213/12
170 00 Prague 7

Phone: +420 246 030 986