ILN Data Privacy Paper

Czech Republic

The Czech Telecommunication Office is responsible to deal with data subjects’ complaints against unsolicited marketing phone calls under the Act on Electronic Communications (i.e., it receives and solve these complaints). 8.3 Role, functions and powers of civil/criminal courts in the field of data regulation The Czech civil courts deal with disputes between the controllers or the processors and data subjects or other natural or legal persons/entities arising from contractual or pre-contractual relations and also from the liability relations (damages). The Czech administrative courts decide on administrative actions filed against decisions of the Czech administrative bodies/authorities, including the Office as mentioned in point 6.1 above. The Czech criminal courts deal with crimes committed in the field of data protection, such as Unauthorised Use of Personal Data under section 180(2), Unauthorised Access to Computer Systems and Information Media under section 230(2) or Violation of Copyright, Rights Related to Copyright and Database Rights under section 270 of the Czech Penal Code (the Act no. 40/2009 Coll.). Consequences of non-compliance 9.1 Consequences and penalties for data breach Infringements of the GDPR are subject to administrative fines up to

EUR 20,000,000, or in the case of an undertaking, up to 4 % of the total worldwide annual turnover of the preceding financial year, whichever is higher. 9.2 Consequences and penalties for other violations and non- compliance If the Office finds that obligations imposed by the law have been breached, the Office will determine which measures must be adopted in order to eliminate the established shortcomings and set a deadline for their elimination. If the shortcomings are eliminated in accordance with the determined measures or immediately after the breach of obligation was found, the Office may decide not to impose fines. If the fines are imposed, mostly the general rules of the GDPR apply. Infringements of the GDPR are subject to administrative fines up to EUR 20,000,000, or in the case of an undertaking, up to 4 % of the total worldwide annual turnover of the preceding financial year, whichever is higher. In case of commercial messages, legal entities may be fined up to CZK 10,000,000 (approximately EUR 405,000) for disseminating commercial communications in violation of the Certain Information Society Services Act. The Czech Office for Personal Data Protection (Office) is the authority for supervision of compliance with this act. In addition, fines and other

www.peterkapartners.com/

Made with FlippingBook - PDF hosting