Principles of Data Protection
Why, in what manner and how is your personal data being processed
If you are a customer of ours, a subscriber or a visitor of our website, you are entrusting us with your personal data. We are responsible for its protection and security. Please, learn about data protection, the principles and the rights you have with regards to GDPR (General Data Protection Regulation).
Who Is the Controller?
We are HNB servis s.r.o., with our registered office at Martinická 987/3, Praha 9, Company ID (IČ): 029 22 207, VAT ID: CZ02922207, registered at the Municipal Court in Prague, under the file label C 225395. We offer program of WINSIGNALS, for which we run the websites winsignals.cz and winsignals.com as well as sites related to these projects. We process your personal data as the controller, i.e. we determine, how, for what purpose and period personal data will be processed, and we are currently selecting other possible processors, who will be helping us with the processing.
If you would like to talk to us in the course of the data processing, you can contact us at firstname.lastname@example.org.
We declare that, as the controller of your personal data, we meet all legal requirements set by the current legislation, in particular the Personal Data Protection Law and GDPR, and thus:
• we will be processing your personal data based solely on valid legal grounds, most of all, on the legitimate interest of performing a contract, a legal obligation, or based on a permission granted,
• we abide by Article 13 of the GDPR and fulfill our reporting duty even before we start processing the personal data,
• we will allow you and we will support you in applying and fulfilling your rights according to the Personal Data Protection Law and the GDPR.
Scope of the Personal Data Collected and the Purposes
We process personal data which you yourself entrust us with, and we do this for the following reasons (to fulfill these purposes):
- Providing Services, Performing Contracts: Your personal data in the scope of: invoicing data, e-mail, phone number, or a correspondence address are essential for us to be able to perform our contract (e.g. sending access data for our app, sending online courses, supplying materials for courses as well as other goods).
- Accounting: If you are a customer, we absolutely need your personal data (invoicing data) for fulfilling our legal obligation of issuing and keeping record of tax documents.
- Marketing - the Sending of Newsletters: We use your personal data (e-mail and name), sex, what you are clicking in the e-mails and when you are most likely to open them, for the purposes of direct marketing - the sending of business messages. If you are one of our customers, we do this out of a legitimate interest, since we have a reason to believe that you are interested in news from us, for a period of 5 years after the last order. If you are not one of our customers, we are sending you newsletters only based on your consent for a period of 5 years from giving this consent. In both cases, you can withdraw this consent by using the unsubscribe link in every e-mail sent.
- Advanced Marketing Based on Consent: Only based on your consent can we also send you inspiring offers from third parties or use the e-mail address e.g. for remarketing and targeting Facebook adds, for a period of 5 years from giving the consent. The consent, of course, can be withdrawn at any time, using our contact data.
- Photographic Documentation and Seminar Video Recordings: At live events - seminars, meetings etc. we make video recordings or take pictures. We use the photos and the videos in our advertising materials, on the Internet, in particular. The video recordings are for the participants to watch. If you do not wish to appear in the recordings, let us know in our contact forms before the live event.
We keep your personal data until the statutory limitations period has expired, unless the law requires a longer period of its storage, or unless we have stated otherwise, in specific cases.
When you are browsing our websites, we record your IP address, information on how much time you have spent at a website and on what site you are coming from. We perceive using cookies for measuring the number of visitors of a website as well as for adapting the way the website is displayed as our legitimate interest as a collector, since we believe that thanks to this, we can offer you even better services.
Cookie files for targeting ads will only be processed based on your consent.
Our website can be also viewed in a mode which does not allow the collecting of any personal data. You can also disable the using of cookie files on your computer.
Personal Data Security and Protection
We protect personal data to the maximum extent the state-of-the art technology, which we use, allows us to. We protect it as if it were our own. We have implemented and we maintain all possible (currently known) technical and organizational measures which prevent the misuse, the corruption or the destruction of your personal data.
Transferring Personal Data to Third Parties
Your personal data can be accessed by our employees and our collaborators.
In order to secure specific processing operations which we are unable to secure using our own means, we use the services and applications of processors who can protect the data even better then us, and who specialize in such processing.
These are the providers of the following platforms:
· SmartSelling a.s. - SmartEmailing, MioWeb, FAPI, Proaffil
· Facebook - FB pixel
· Google - Google Analytics
· ECOAR s.r.o. - accounting firm
· GOPAY s.r.o. - payment portal
· savana.cz s.r.o., INTERNET CZ, a.s. - web hosting
It is possible that, in future, we decide to use other applications or processors in order to increase the quality and ease of use of the processing. However, we promise you that in such a case, in the process of selection, we will put at least the same demands on the candidates, with regards to the security and processing quality, as we put on ourselves.
Transferring data outside of the European Union
We only process data within the European Union or in countries which the European Commission, by its resolution, has deemed as providing an adequate level of protection.
Your Rights with Regards to Data Protection
You have quite a few rights, when it comes to data protection. If you wish to make use of any of these rights, please contact us by e-mail at email@example.com.
You have the Right to Information, which is already being fulfilled by this information page about the principles of data protection.
Thanks to the Right to Access, you can prompt us at any time, and within 30 days, we will document what personal data of yours we process and why.
If something changes on your side, or if you find your personal data to be out of date or incomplete, you have the Right to Rectification of personal data.
You can use your Right to Restriction of Processing, if you think that we process inaccurate data about you, if you think that we process your data illegally but you do not wish to delete all of the data, or if you have raised an objection against the processing.
You can restrict the extent of the personal data or of the purposes for which it is being processed (e.g. by unsubscribing from the newsletter, you are restricting the processing purpose of sending business messages).
The Right for Data Portability. If you wish to take your personal data and transfer to someone else, we will proceed the same way as when making use of the right to access - the only difference being that we will supply you the information in a machine-readable format. Here we need at least 30 days.
Right to Erasure (‘Right to Be Forgotten’). Your next right is the right to erasure (‘right to be forgotten’). We do not wish to forget about you, but if you do wish us to, you have the right. In such a case we will delete all your personal data from our system as well as from the systems of all partial processors as well as all backups. To comply with the right to erasure, we need 30 days.
In some cases, we are bound by our legal obligations and we have to e.g. keep record of all tax documents issued for a period determined by law. In such a case we will then delete all such personal information which is not bound by some other law. We will inform you per e-mail about the completion of the erasure.
The Right to Lodge a Complaint with a Supervisory Authority If you get the feeling that we are not treating your data in accordance with the law, you have the right to lodge your complaint with the Czech Republic Personal Data Protection Authority. We will be very thankful, if you first inform us about any such suspicion so we can do something about it and correct a possible error.
Unsubscribing from Newsletters and Business Messages. If you are one of our customers, we send you e-mails for inspiration, articles or products with services based on our legitimate interest. If you are not yet a customer, we send you these only based on your consent. In both cases, you can unsubscribe from our e-mails by clicking on the unsubscribe link, which is present in every e-mail we send.
We would like to assure you that our employees and collaborators who will be processing your personal data are obligated to treat it as well as other security measures, the disclosure of which could jeopardize your personal data, with strict confidentiality. This confidentiality stays in place even after all binding relations with us have ceased to exist. Without your consent, your personal data will not be transferred to any other third party.
These principles of personal data processing apply from the 1st of May 2018 and they replace the previous data protection policy, which can be found in the General Terms and Conditions.