Last updated on 25th May 2018
SECTION 1 – GENERAL PROVISIONS
This website (the “Website”) is operated and owned by LLC “Cyber Force Group s.r.o” (“Cyber Force Group s.r.o”, “we”, “us” or “our”). Cyber Force Group and its affiliates are committed to protecting and respecting your privacy.
We have been making our best efforts in order to comply with European General Data Protection Regulation (“General Data Protection Regulation”, “GDPR”) as well other with other relevant EU data protection rules.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
This Website is not intended for children and we do not intentionally collect data relating to children.
This Website may include links to third-party websites, applications or plug-ins. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.
SECTION 2 – ABOUT US
LLC “Cyber Force Group s.r.o” (“Cyber Force Group s.r.o”, “we”, “us”) — is a legal entity registered under the law of the Czech Republic with its registered number: 01987232, address: Kremencova, 7/186 Praha 1, 11000, the Czech Republic.
We act as Data Controller in respect of your personal data that we process. If you have any questions about how we collect, store or use your data, please contact us via e-mail: firstname.lastname@example.org
SECTION 3 – INFORMATION WE COLLECT ABOUT YOU
We used to collect from you following personal data: name, email address, mobile telephone number, computer’s internet protocol (IP) address, your user id in Skype™ or in other social networks.
When processing your personal data we are governed by following principles:
- personal data is processed lawfully, fairly and in a transparent manner in relation to you;
- personal data is collected only for specified, explicit and legitimate purposes;
- personal data is always adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
- accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay.
SECTION 4 – PURPOSES OF PROCESSING OF PERSONAL DATA
We may process your personal data for a number of different purposes. For each purpose we must have a legal ground for such processing.
Generally such legal grounds are as follows:
- you have given us explicit consent to the processing of your personal data;
- processing is necessary for the performance of a contract to which you are the party or in cases you requested us to process your prior to entering into a contract;
- processing is necessary for compliance with our legal obligation to which we are the subject;
- processing is necessary in order to protect your vital interests or of another natural person;
- processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority laid upon us as controller;
- processing is necessary for the purposes of the legitimate interests pursued by us or by third party.
What do we mean when we say “Legitimate interest” and “Performance of Contract”?
Legitimate Interest shall mean our interest as a business in conducting and managing. We hereby confirm that we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
Performance of contract: this means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
SECTION 5 – DISCLOSURE
We may disclose your personal data if such disclosure is required or permitted by law.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Some of our external third parties are based outside the European Union (EU) which means that the processing of your personal data will involve a transfer of data outside the EU.
Whenever we transfer your personal data out of the EU, we ensure that at least one of the following safeguards is implemented:
- we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;
- where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in the EU;
- where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the EU and the USA.
If there is neither adequacy decision nor appropriate safeguards implemented we still may transfer your personal data out of the EU due to following justifications:
- we have been informed you about the possible risks of transfers of your personal data and you has explicitly consented to the proposed transfer of your personal data out of the EU;
- the transfer is necessary for the performance of a contract concluded between you and us or if you requested us to perform any pre-contractual measures;
- the transfer is necessary for the conclusion or performance of a contract concluded between us and other natural or legal person for your benefit;
- the transfer is necessary for important reasons of public interest;
- the transfer is necessary for the establishment, exercise or defence of legal claims;
- the transfer is necessary in order to protect your vital interests or interests of other persons in cases where you are physically or legally incapable of giving consent;
Please feel free to contact us in case if you want to get more information on the specific mechanism used by us when transferring your personal data outside the EU.
SECTION 6 – COOKIES
SECTION 7 – SECURITY
SECTION 8 – AGE OF CONSENT
SECTION 9 – YOUR LEGAL RIGHTS
- The right to request access to your personal data. This means that you may request us to send you a copy of the personal data we hold about you and to check that we are lawfully processing it.
- The right to request correction of the personal data. This means that you may request any incomplete or inaccurate data we hold about you to be corrected.
- The right to request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing, where we may have processed your information unlawfully or where we are required to erase your personal data in order to comply with any relevant applicable laws. Please note that sometimes we may be unable to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
- The right to object to processing. You may object to processing of your personal data where you know or have grounds to assume that such processing impacts on your fundamental rights and freedoms. Also you have the right to object processing at any time where we are processing your personal data for direct marketing purposes. We may demonstrate that we are processing your data due to legitimate grounds which in certain circumstances override your rights and freedoms.
- The right to request restriction of processing of personal data. You may request us to suspend the processing when you want us to make the processed data accurate; or the processing of data is unlawful but you do not want us to erase it; or if you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- The right to request the transfer of your personal data to you or to a third parties. It means that upon your request we will provide you, or a third party you have chosen, with your personal data in a structured, commonly used, machine-readable format. Please note that this right only applies to data which are processed by automated means and only in cases where you provided us with the relevant explicit consent to such processing or processing is used in course of performance of contract.
- The right to withdraw consent at any time. You may withdraw your consent to processing of your personal data at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
SECTION 10 – DATA RETENTION
Cyber Force Group s.r.o will keep your personal data only as long as it is necessary in order to fulfil the purposes the personal data was collected for, including without limitation the purposes of compliance with any relevant reporting, accounting or legal requirements.
When determining how long your personal data will be kept with us, we consider following factors: nature, sensitivity of the personal data and its amount; the potential risk of harm from unauthorised use or disclosure of your personal data; the purposes for which we collected your personal data and process it; applicable legal requirements.
Where we are processing your personal data for marketing purposes, we may contact you at least every month to ensure you are pleased to continue receiving our marketing communications. You may require us not to use your personal data for marketing purposes or object to such processing at any time by sending appropriate request or statement to our email address.
In some circumstances we may anonymise and/or pseudonymize your personal data for statistical research purposes. In such cases your personal data will not be longer associated with you and we may use this it indefinitely without further notice to you.
SECTION 12 – REQUEST FOR INFORMATION
Sometimes we may need to request specific information from you in order to confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
SECTION 13 – TIME LIMIT TO RESPOND
We will make our best efforts to respond to all your legitimate requests within 1 (one) month. Sometimes it may take us longer than a 1 (one) month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
SECTION 14 – COMPLAINTS
You have the right to make a complaint at any time to the The Office for Personal Data Protection (OPDP), which is the supervisory authority for data protection issues in the Czech Republic (https://www.uoou.cz/).
However, we would appreciate the possibility to deal with your concerns before you send your complaint to OPDP so please contact us in the first instance.
SECTION 15 – QUESTIONS AND CONTACT INFORMATION
You may also contact us via mail at Cyber Force Group s.r.o, Kremencova, 7/186 Praha 1, 11000, the Czech Republic.