In 2016, ČEZ Distribuce, a. s., fulfilled all of the strategic objectives it set for itself, and its financial performance surpassed planned figures. We achieved that by further improving cost efficiency but also thanks to an increase in the quantity of distributed electricity, which reverted to a level usual before the global financial crisis. The Company continually achieves high labor productivity and fulfills its investment programs. In the past year, ČEZ Distribuce connected 17,652 connection points and added 469 km of new lines and 315 new distribution stations to its distribution system. In addition, it integrated 438 new renewable electricity generation facilities into its distribution system. These numbers confirm that the Company is successfully accomplishing its mission.
We stayed on the path of continuously reinforcing safety and social responsibility in 2016. The Company also donates significant amounts every year to public benefit projects arranged by the CEZ Foundation.
Successful certification to ISO 9001 confirmed the efficiency of the logistics and system of operating and repairing measurement equipment and the operation of our authorized metrology center.
Identification of ČEZ Distribuce, a. s.
405 02 Děčín IV-Podmokly
Registered in the Commercial Register kept by the Regional Court in Ústí nad Labem, Section B, File 2145, Established in 2010, Legal form Joint-stock company
License number: 121015583
OTE registration number: 715
ID No.: 247 29 035 / VAT ID No.: CZ24729035
Bankers: Komerční banka, a.s., account No. 35-4544580267/0100
Information About Personal Data Processing
ČEZ Distribuce, a. s., Business ID: 24729035, with its registered office in Děčín - Děčín IV-Podmokly, Teplická 874/8, Postal Code 405 02, incorporated in the Commercial Register kept by the Regional Court in Ústí nad Labem under File Ref. B 2145 (hereinafter ‘ČEZ Distribuce’), as a personal data controller, would hereby like to inform you about the method and scope of personal data processing by the said company, including the scope of rights of data subjects connected with the processing of their personal data by ČEZ Distribuce.
ČEZ Distribuce processes personal data in accordance with the European Union law, in particular pursuant to Regulation 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and in accordance with international treaties binding upon the Czech Republic, namely in accordance with the Convention for the Protection of Individuals with Regard to Automated Processing of Personal Data, No. 108, promulgated under No. 115/2001 of the Collection of International Treaties, and also in accordance with relevant national laws and regulations, in particular pursuant to Act No. 101/2000 Coll., on Personal Data Protection and on Amendments to Certain Acts (hereinafter the ‘PDPA’).
Purpose and Scope of Personal Data Processing
ČEZ Distribuce processes only specific personal data that has been acquired in accordance with the PDPA, whereby ČEZ Distribuce collects and processes this personal data only for the defined purpose, in the scope and for the time necessary to fulfill the said purpose. ČEZ Distribuce acquires personal data directly from data subjects, from third parties and from public registers.
Purposes of Personal Data Processing by ČEZ Distribuce
- Personal data processing is inevitable to ensure legal compliance on the part of ČEZ Distribuce
ČEZ Distribuce collects and processes personal data for the purpose of fulfilling its obligations defined by special laws and regulations. Act No. 458/2000 Coll., on Enterprising Conditions and on the Public Administration of Energy Sectors and on Amendments to Certain Acts, as amended (hereinafter the ‘Energy Act’ or ‘EA’), also requires that ČEZ Distribuce, as power distribution system operator, renews and develops this distribution system and, among other things, provides distribution system services.
- Personal data processing is required for negotiating contracts or changes to contracts, to which the data subject is a party, and for the subsequent performance of such contracts
ČEZ Distribuce collects and processes personal data in a scope required for the execution or change of a particular contract. The personal data disclosure by the data subject is voluntary in this respect; however, such personal data need to be disclosed as a pre-condition to the execution or change of the given contract and/or for the delivery of the services agreed, whereby the personal data disclosure serves primarily the purpose of clearly and unambiguously identifying the data subject. In some cases, the scope of personal data processed is moreover determined by general binding legislation in force.
- Personal data processing is required to protect the rights and legally protected interests of the controller, recipient or other persons involved
ČEZ Distribuce collects and processes personal data in particular to protect its rightful interests as power distribution system operator and to protect its clients and other persons.
In these cases, personal data is processed to arrange or provide a relevant service, handle requests, claims or complaints etc.
Protection of assets, persons and security of key elements of the distribution system
In order to protect persons and the assets of ČEZ Distribuce against potential illegal conduct by other persons, security camera systems have been installed on selected buildings managed or owned by ČEZ Distribuce, by means of which certain personal data can also be processed.
Unauthorized Power Consumption (Section 51 EA)
Recordings made by mobile cameras are used to document findings, prevent and eliminate unauthorized power consumption pursuant to Section 51 EA, to establish and prevent losses in the distribution system, and to secure evidence for the purpose of enforcing damages for losses caused by unauthorized power consumption, all that in accordance with the applicable legislative requirements and case law.
If a data subject uses a customer contact line to communicates with ČEZ Distribuce, the telephone call may be recorded for the above reasons and also to improve service quality, objectiveness, demonstrability and safety.
Scope of Personal Data Processing by ČEZ Distribuce
ČEZ Distribuce processes personal data in the following scope:
- Identification details: degree, first name, family name, date of birth, ID card number;
- Address details: place of permanent and/or temporary residence, correspondence or other contact address, supply point address, telephone, e-mail address;
- Other personal data: bank account number, business partner’s reference number, information acquired based on meter readings and other personal data arising from a specific contract or required by law.
Processors and Recipients
To achieve the purposes described above, apart from ČEZ Distribuce and its employees, personal data may also be processed by ČEZ Distribuce’s processors based on personal data processing contracts made in accordance with the PDPA.
ČEZ Distribuce uses in particular the following personal data processors:
- Member companies of the CEZ Group,
- Persons who inspect supply points,
- Service providers and equipment suppliers,
- Suppliers of camera (CCTV) systems installed on the premises of ČEZ Distribuce,
- Other persons in connection with the execution, administration and archiving of contracts and related documents,
- Persons who provide services to ČEZ Distribuce if the client decides to use such services,
- Other third parties who provide or receive services in connection with the fulfillment of contractual or statutory obligations by ČEZ Distribuce.
ČEZ Distribuce processes personal data manually and automatically. Personal data protection is ensured by ČEZ Distribuce technically and organizationally in accordance with the PDPA. ČEZ Distribution requires the same security measures also from its personal data processors.
With effect from July 1, 2017, ČEZ Zákaznické služby, s.r.o. no longer processes personal data for ČEZ Distribuce.
ČEZ Distribuce hereby informs that, based on a lawful request, personal data may be disclosed to third parties who have authority granted to them by law to request the disclosure of such personal data.
Data Subject Rights
Every data subject may request information about the processing of their personal data, purpose of personal data processing, scope and, as the case may be, categories of personal data processed, sources of personal data, nature of its automated processing, processors, recipients or, if relevant, categories of personal data recipients.
ČEZ Distribuce will provide the requested information without undue delay for a reasonable consideration that may not exceed the costs connected with disclosing such information.
If a data subject finds out or feels that ČEZ Distribuce or its contractual processor processes personal data in a manner infringing the protection of the data subject’s privacy and personal life or in violation of the applicable law, the data subject may:
- Request an explanation from ČEZ Distribuce or its contractual processor;
- Request that ČEZ Distribuce or its contractual processor remedy such a situation; in particular, the data subject may request that their personal data be blocked, corrected, amended or removed.
ČEZ Distribuce will always without undue delay inform the data subject that their request has been accommodated. The data subject may at any time contact the Office for Personal Data Protection with their comments.
ČEZ Distribuce would hereby like to inform that, on May 25, 2018, Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation – hereinafter the ‘GDPR’), will take effect and be directly applicable and effective also under the law of the Czech Republic. Following the above date, the Information About Personal Data Processing will be updated to ensure that, as at May 25, 2018, it fully reflects the new legislation on the protection of personal data of individuals, as regulated in the GDPR.
Definitions of Terms
- Personal data – personal data is to be understood as any information pertaining to an identified or identifiable data subject; a data subject is considered as identified or identifiable if the data subject can be identified either directly or indirectly;
- Data subject – a data subject is an individual to whom the personal data pertains;
- Controller – a controller is every person or entity that determines the purpose and means of personal data processing, carries out and is responsible for the processing;
- Processor – a processor is every person or entity that processes personal data based on a special act or has been commissioned by a controller to do so;
- Recipient – a recipient is any person or entity to whom personal data has been made accessible; an entity that processes personal data is not considered to be a recipient;
- Personal data processing – personal data processing is to be understood as any operation or set of operations that the controller or processor systemically perform with personal data in an automated manner or using other means; personal data processing is in particular to be understood as the collecting, using, handing over, distributing, publishing, keeping, exchanging, sorting or combining, blocking and removal of personal data;
- Public register – for the purposes of this document, this is to be understood as (i) a public register kept pursuant to Act No. 304/2013 Coll., on Public Registers of Legal Entities and Individuals, as amended, i.e., association register, foundation register, institute register, register of home unit owners, commercial register and Register of Generally Beneficial Companies, and (ii) other registers within the meaning of Act No. 111/2009 Coll., on Primary Registers, as amended.