Obsah stránky, Hlavní stránka webu, Mapa webu, Vyhledávání

We use cookies to ensure that we give you the best experience on our website. By using this website, you agree to this use. More information Close

Personal Data Processing

We protect your data. We consider privacy and personal data protection as a primary obligation.

We handle personal data solely in compliance with the valid legislation. We hereby introduce the principles that clarify what we do to ensure the confidentiality and security of the personal data processed and provide information on the rights relating to the personal data processing. This communication is aimed at providing information on the personal data we collect, how we handle such data, the sources from which we obtain such data and for what purposes we use them, to whom we are allowed to provide such data and where you can obtain information on the personal data we process.

Personal data controller

POWER EXCHANGE CENTRAL EUROPE, a. s. (Identification No. (IČ): 27865444; hereinafter the “PXE”) is  the controller of the personal data that you provided to PXE or your personal data that  PXE obtained (see the chapter Source of personal data below) to fulfil one purpose or several purposes. PXE as the controller collects the data, disposes therewith and is liable for the due and legal processing of such data. You can exercise your rights with the controller in the manner specified below. You can contact the controller or its data protection officer with queries concerning the personal data processing; the contact data of the controller and the data protection officer are available at Contacts website.

Basic principles of personal data processing

We follow in particular the following principles when processing personal data:

  • when processing personal data, we fulfil all obligations imposed by legal regulations;
  • when processing personal data, we act fairly and transparently and exercise our best efforts to restrict the purposes and extent of personal data processing to the necessary minimum; 
  • we exercise our best efforts to ensure that the data subject’s rights and freedoms are not infringed and that the data subject is protected against unauthorized interference with the client’s private and personal life;
  • we provide information on the personal data processing before the commencement of the contractual relationship or before we provide the relevant service; and
  • we have implemented the information security management system (hereinafter “ISMS”) pursuant to standard ČSN ISO/IEC series 27000 (“Information Technologies – Security Techniques – Information Security Management Systems”).

Scope of personal data processing

We only process such data that enable us to provide professional and comfort services to you and to fulfil our legal obligations and contractual undertakings and to protect our rightful interests. 

We collect in particular data concerning our customers and customers of our affiliated companies (trading participants and other business partners), or more precisely, their representatives, members of statutory bodies and employees. We process basic personal data, data on products and services that you use, data from our communication and interaction as well as other data so that the scope of such data is reasonable, relevant and restricted to the necessary extent with regard to the purpose for which we collect and process your data. Our main purpose is to provide professional and comfort services to you but we must fulfil our legal obligations and protect our rightful interests; see below a complete list of the purposes for which we process your data, including a specification of the concrete data processed for the given purpose. 

Personal data we process:

  • identification data (in particular name, surname, title) of customers, their representatives, members of statutory bodies  and employees; 
  • identification data of participants of seminars, workshops etc., who confirmed their registration or otherwise agreed to the participation (in particular name, surname, title, contact data);
  • contact data;
  • transaction data concerning trades in products listed on the commodity market;
  • other data (bank account number);
  • authentication data for the use of our applications and data on the use of our website;
  • information from external sources, in particular from publicly accessible registers, such as the Companies Register (in particular name, surname and address);
  • records of the communication with clients; and
  • contact data (in particular e-mail address and telephone number) of persons who agreed with the data processing. 

Purposes and period of personal data processing

We process personal data to the necessary extent for meeting our statutory obligations or for the purposes of fulfilling the rights and obligations arising from agreements. We also process certain data when it is necessary to protect the rights and interests of our company and of third parties. 

In other cases, we only process your data if you so agree. 

The purposes of processing include the following categories: 

  • Without the data subject’s consent:
    • Fulfilment of the obligations set forth by law – personal data processing is necessary for such purposes due to the fact that such data processing is set forth by law or any other generally binding legal regulation (for example fulfilment of the notification duty vis-à-vis a supervisory body and public authorities, fulfilment of the obligations concerning enforcement of a resolution, fulfilment of the obligation of the client’s identification and inspection and other obligations in the field of prevention of money laundering. PXE processes personal data for such purposes for the period set forth by the applicable legal regulations.
    • Performance of contractual relationship – personal data processing is necessary for due fulfilment of the rights and obligations arising for the PXE from the contractual relationship. The controller processes personal data for such purpose throughout the contractual relationship, unless legal grounds exist to process personal data for a longer period of time.
    • Controller’s legitimate interest – personal data processing is necessary for such purpose (such as physical protection of the PXE’s premises, dispute resolution and protection and enforcement of 
      the rights of participants or issuers, management and collection of claims, analyses and assessment of possible risks, software testing, etc.) to the same extent as for the purposes of performance of a contractual relationship. The controller processes personal data for such purpose throughout the contractual relationship and until the statute of limitations period arising from the fulfilment of rights and obligations expires on the basis of the relevant contractual relationship.
  • With the data subject’s consent:
    • for other purposes (such as for the possibility to contact the client or for marketing purposes).

The data that you provide us with your consent is provided voluntarily. 

We request that you provide other data since the processing of such data is necessary for the performance of the agreement, for the fulfilment of our legal obligations or for the protection of our legitimate interests. If you do not provide such data to us, we cannot provide you with the relevant product, service or any other performance for which we request your personal data. 

Source of personal data

Depending on the situation, we process data that we received from the trading participants, or from other subjects with which we have concluded an agreement, data that we received during the conclusion of the relevant contractual relationship and the subsequent realization of such relationship, data from publicly available sources and registers, lists and records (such as the Companies Register) and data from third parties, if a special regulation so sets forth. To fulfil a contractual relationship, we may pass on data between us within the framework of our holding group - EEX Group (EEX (European Energy Exchange AG a Powernext SAS).

Method of personal data processing

PXE processes personal data by automated means and manually.

Provision of personal data to third parties

In principle, we process personal data in our company. We only provide the data to third parties with the data subject’s consent or if it is set forth by law. Where it is necessary to achieve any of the above-mentioned purposes, your data may be processed by cooperating contractors.

  • PXE passes personal data to persons to whom it is obliged to provide personal data on the basis of legal regulations, in particular they may be state administrative authorities, courts, law enforcement authorities, supervisory bodies,  financial offices and similar authorities. We may be obliged to provide your data to various state and international authorities under the conditions set forth by law.

    PXE processes personal data through its own employees as the personal data controller or through its suppliers. PXE shall ensure technical, organizational and personnel measures that lead to a high level of protection and personal data security. Where we use cloud storage sites, a high level of the data security is ensured.
  • Suppliers outside the PX group include in particular the following:
    • IT services providers, including cloud storage sites;
    • subjects collecting our claims;
    • attorneys; and
    • press and postal services providers.
  • In the field of registration of book-entered securities, data is provided for processing to third parties, for whose purposes book-entered investment instruments are registered, in particular issuers of book-entered securities, including foreign issuers, other central depositories such as Euroclear and Clearstream and custodians. In the case of foreign registering subjects, personal data is provided to the extent set forth by local legislation.

Data subject’s rights

We process personal data transparently, fairly and in compliance with the law. You have the right to access your data, right to explanation as well as other rights if you believe that the processing is not correct. You can also file a complaint with the Personal Data Protection Office. You can exercise your rights in the relevant company from our group with which you have a relationship.

If you have any queries connected with personal data processing or if you wish to exercise your rights, you can contact the controller whose contact data is stated on Contacts website. You can also contact the controller in writing at the address, which is also stated on Contacts website.

Right of access to personal data and right to be informed – You are entitled to access your personal data, in particular the information on the processing of your personal data. Such right does not apply to any data contained in 
the property account statement; such data is provided to account owners through the BCPP participants in compliance with the Capital Market Trading Act, without prejudice to third-party rights. For repeated requests, 
the BCPP and the participants may request reasonable compensation that must not exceed the costs necessary for the provision of the information. 

Right to personal data correction – If your personal data is incorrect or inaccurate you may request correction of such data. It is possible to request completion of incomplete data taking into account the purposes for which the data is processed. In compliance with the Capital Market Trading Act, such right does not apply to owners of unclassified accounts where the personal data is adjusted by the BCPP’s participant after the contractual relationship is concluded with the owner of an unclassified account. 

Right to removal – You are entitled that your personal data be removed if our processing is unauthorized.

Right to raise an objection – Should the BCPP breach its obligations concerning collecting or processing of personal data, you are entitled to request that the BCPP provides an explanation of such conduct, refrains from such conduct or remedies the relevant situation. You are also entitled to contact the Personal Data Protection Office with your initiatives.

Other rights – You have the right to restrict the processing and the right to data transferability under the conditions set forth by law.

Do you wish to withdraw your consent? 
In cases when your consent is required by us for the processing of your personal data, you are entitled to withdraw such consent at any time. The withdrawal of consent shall not affect the processing of your personal data during the time when the consent was lawfully given, or the processing based on other legal bases, if applicable (e.g. fulfilment of statutory or contractual obligations, or for the purposes of our legitimate interests). 

Do you wish to restrict marketing?
If you gave us your consent for marketing or if you receive newsletters from us for any other rightful reasons, you may withdraw your consent at any time or you may unsubscribe our newsletters in the following manners: 

  • the possibility to cancel the sending of our newsletters is incorporated directly in our newsletters;
  • if you no longer wish that we call you, please inform us during a telephone conversation; or
  • you can inform us at our registered office or in writing that you no longer wish to receive our newsletters.

If you wish to restrict or withdraw your consent with data processing and sharing for marketing purposes, please fill in this document and send it to us to info@pxe.cz.