Principles of personal data processing

Change cookie settings:


What are cookies and their settings


(according to Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons in connection with the processing of personal data and on the free movement of such data and on the repeal of Directive 95/46/EC = GDPR)

1. Designation of the administrator (or processor) and authorized persons:
Administrator: Synergia Pharmaceuticals s.r.o., Varšavská 715/36, 120 00 Prague 2 – Vinohrady, ID number: 27569519
Contact person for the administrator: Alexej Murín – executive
Personal data processor: Účetnictví on-line s.r.o., Pekařská 695/10a, Prague 5 – Jinonice, ID: 27169278, courier company GLS or DPD
Authorized persons: Ing. Alexey Murín, managing director
M.Sc. Tereza Borovcová, Ing. Martin Malecký business manager, Ing. Michal Kuklovský, logistics, shipping services
The administrator also cooperates with sales representatives:
Sales representatives do not have access to personal data processed by the administrator.

2. Content and scope of personal data processing:
The administrator processes personal data for the purposes of providing its services.
The controller obtains personal data from the following range of entities:

a) employees (only to the extent resulting from the relevant legal regulations –
e.g. Labor Code, Personal Income Tax Act)
b) customers, subscribers and sales representatives.
The administrator only processes data necessary for the fulfillment of the relevant contractual relationship or legal obligation and only for the given specific purpose and only to the extent necessary. Beyond the contractual or legal framework, the administrator performs further processing only on the basis of the duly granted consent of the subject of personal data.

3. Method of personal data processing:
Processing operations:
The administrator scans and stores all personal data in a password-protected laptop, and sends the originals to Účetnictví on-line s.r.o. for registration.
The personal data of customers from the e-shop are stored on the website, through which the administrator operates his e-shop (;
The manager and employees have access to this data based on entering a username and password.
Invoices with customers’ personal data are stored in a laptop protected by a password and an anti-virus system, and are also sent to Účetnictví on-line s.r.o. for registration (by e-mail or by registered mail via the Czech Post).
Programs or systems used: To process all received and issued invoices, the UOL accounting program is used, which is installed on the company laptop or Bonobo accounting, which is accessible via an internet browser, everything is secured by a password that must be entered each time it is accessed.

4. Legal reason and purpose of personal data processing:
Legal grounds for processing: Article 6 paragraph 1 letter b) GDPR (processing necessary to fulfill the contract); Article 6 paragraph 1 letter c) GDPR (processing necessary to fulfill a legal obligation); Article 6 paragraph 1 letter a) GDPR (processing based on the consent of the data subject).
Identification and specification of the purpose of processing: processing of personal data of employees within the framework of the fulfillment of obligations according to the regulations of labor law, social security law, or tax law; processing of personal data of customers and subscribers for the purpose of providing services as part of the administrator’s business activity or for the purpose of direct marketing.

5. Security of personal data:
Electronic security: The laptop used is protected by a password and the ESET antivirus system. Access to accounting and e-shops is password protected. After the employee leaves the company premises, the laptop is switched off and left in the office. Only Mgr has access to accounting. Tereza Borovcová, sales assistant, Mgr. Tereza Borovcová, sales assistant, Martin Malecký, sales and marketing manager and Ing. Alexey Murín, managing director.
Physical security (object security): Access to the office is based on the key to the lockable door Mgr. Tereza Borovcová, sales assistant. The office is secured with a lock, the entire building is then secured by locking the front door at 5 p.m. In order to ensure facility security, other persons are not allowed to enter the company’s office without being accompanied by one of the authorized persons specified above. The authorized person, who is the last to leave, checks that the computer equipment is turned off and properly locks the office doors, or the entire building.

6. Procedures in the event of a breach of personal data security:
In the event that a violation of personal data protection is discovered, the person who discovers this violation is obliged to immediately take appropriate measures to protect personal data records (e.g. immediate shutdown of computer technology in the event of an attack on the server) and at the same time must immediately inform the administrator.
The administrator or a person authorized by him is then obliged to find out the nature of the breach of personal data protection and to make a written record of this incident.
If a high risk to the rights and freedoms of natural persons is detected, there is an obligation to inform the data subjects affected by this security breach.
In the event that a risk to the rights and freedoms of natural persons is detected, there is an obligation to report this incident to the supervisory authority, which is the Office for Personal Data Protection, without undue delay.
The administrator is obliged to take measures to re-ensure the maximum security of personal data in accordance with the GDPR and at the same time to prevent the repetition of relevant security breaches as much as possible.

7. Procedures for disposal of personal data:
Archiving and shredding of all documents takes place in accordance with Act No. 499/2004 Coll., on archiving and file service. In the case of a data subject’s request for the disposal of his personal data, the procedure is in accordance with the GDPR.

In Ústí nad Orlicí on 17 March 2021

Ing. Alexej Murín – managing director
M.Sc. Tereza Borovcová – sales manager
Ing. Martin Malecký – sales manager
Ing. Michal Kuklovský – logistics manager

SYNERGIA PHARMACEUTICALS, s.r.o. (IČO: 275 69 519,, Varšavská 715/35, 120 00 Prague 2, Czech Republic