PRIVACY POLICY

Upon full registration at web portal https://convertingteam.com/ a partner or an advertiser (hereinafter the “User”) voluntarily grants its personal data to , Id. No. 051 54 928, with its registered office at Donska 1554/12, Prague 101 00, Czech Republic, registered in the Commercial Register kept by Municipal Court in Prague, Section C, File 259018 (hereinafter the “Controller”), that is the operator of the above web portal. The User may grant its personal data to the Controller by other means.

The Controller, as a controller of personal data, will process User’s personal data upon conditions stated below, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation; “GDPR”).

1. Purpose and legal basis for processing of personal data

User’s personal data will be processed for following purposes:

1. Conclusion of an agreement between the Controller and the User in accordance with respective general terms and conditions, upon which the Controller enables the User to use software solution (network) operated by the Controller (hereinafter the “Agreement”).
2. Performance of the Agreement.
3. Protection of the Controller’s rights arising from the Agreement.
4. Direct marketing via commercial communication related to products or services of the Controller.
5. Fulfilment of the Controller’s legal obligations related to personal data processing (especially possible co-operation with the respective public authorities).
6. Dealing with User’s applications, proposals or complaints.

The legal basis for processing of User’s personal data for purposes presented in numbers 1) and 2) is performance of a contract (Agreement) to which the User is party or taking steps at the request of the data subject prior to entering into a contract (Agreement) pursuant to Article 6 (1) (b) of GDPR.

The legal basis for processing of User’s personal data for purposes presented in number 3) is Controller’s legitimate interests to protect its rights pursuant to Article 6 (1) (f) of GDPR.

The legal basis for processing of User’s personal data for purposes presented in number 4) is Controller’s legitimate interests to market its products and/or services to its customers pursuant to Article 6 (1) (f) of GDPR.

The legal basis for processing of User’s personal data for purposes presented in numbers 5) and 6) is a fulfilment of legal obligations to which the Controller is subject pursuant to Article 6 (1) (c) of GDPR.

2. Scope and period of processing of personal data

For a purpose of conclusion and performance of the Agreement, as well as for a purpose of fulfilment of the Controller’s legal obligations related to personal data processing, the Controller processes User’s personal data filled in the registration form and/or given to the Controller by other means, within the following scope: name and surname of the User's contact person, User's name,  address of the User's registered office, User's telephone number, User's e-mail address, User's Skype identifier and also, as appropriate, User's bank account number, User's PayPal account identifier, User's Skrill account or other account identifier, or other personal data given to the Controller, that are usable for purposes stated in the Privacy Policy.

For a purpose of protection of the Controller’s rights arising from the Agreement, the Controller processes name and surname of the User's contact person, User's name, address of the User's registered office, User's bank account number, User's PayPal account identifier, User's Skrill account or other account identifier, or other personal data given to the Controller, that are usable for this purpose.

For a purpose of a direct marketing via commercial communication related to products or services of the Controller, the Controller processes User’s (and its contact person’s) e-mail address and its name and surname.

For a purpose of dealing with User’s applications, proposals or complaints, the Controller processes User’s personal data given in respective application, proposal or complaint.

User’s personal data will be processed for a period, that is necessary for fulfilment of respective purpose of its processing:

• For purposes of conclusion and performance of the Agreement, the Controller processes personal data for a period of duration of the Agreement and for 3 years from termination of the Agreement.
• For a purpose of protection of the Controller’s rights arising from the Agreement, the Controller processes personal data for a period set for limitation of time of Controller’s rights arising from the Agreement pursuant to respective law.
• For a purpose of a direct marketing via commercial communication related to products or services of the Controller, the Controller processes personal data until the Controller receives an objection or other type of disagreement with further processing for such purpose of the processing, and then for 1 month, that is a period needed to carry out relevant technical measures to delete respective personal data from Controller’s internal system.
• For a purpose of fulfilment of the Controller’s legal obligations related to personal data processing, the Controller processes personal data for a period necessary to fulfil respective legal obligations related to personal data processing, as required by law.
• For a purpose of dealing with User’s applications, proposals or complaints, the Controller processes personal data for an appropriate period necessary to deal with them.

3. Source of personal data

The Controller mainly obtains personal data directly from the User, mainly by a registration form on its web portal. However, the Controller may obtain personal data even not from the User, mainly from Controller’s business partners. Even in such situation, the same personal data processing rules apply.

The Controller always considers received personal data to be of a true and actual nature. Should personal data become unactual, the User shall update its personal data as soon as possible by a notice given to the Controller, to an e-mail address stated below.

4. Manner of processing of personal data, protection of personal data, recipients of personal data

Personal data are processed by the Controller. The Controller may authorize processor(s) to process such personal data. If the Controller does so, it will provide User’s personal data to authorized processor(s), that are one of categories of recipients of personal data. For now, processors are: IT service providers, cloud service providers.

Recipients of personal data may also be respective public authorities, if such provision of data is stipulated by law.

All Controller’s obligations on data processing are always binding to processor(s) authorized by the Controller. The Controller, as well as authorized processor(s), will not publish User’s personal data, unless agreed otherwise.

The Controller processes personal data automatically. Automated processing of personal data by the Controller is not done by means, that could lead to an individual decision, that could have legal effects on the User or could significantly affect the User in similar way within a meaning of Article 22 (1) of GDPR.

The Controller implemented appropriate technical and organisational measures to ensure protection of processed personal data to avoid a security breach leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, as well as other type of abuse.

5. User’s rights of personal data subject

The User, as a personal data subject, is entitled to:

• Right of access to personal data within a meaning of Article 15 of GDPR
• Right to rectification within a meaning of Article 16 of GDPR
• Right to erasure (right to be forgotten) within a meaning of Article 17 of GDPR
• Right to restriction of processing within a meaning of Article 18 of GDPR
• Right to data portability within a meaning of Article 20 of GDPR
• Right to object within a meaning of Article 21 of GDPR
• Right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning the User or similarly significantly affects the User, within a meaning of Article 22 of GDPR
• Right to lodge a complaint with a supervisory authority within a meaning of Article 77 of GDPR

The Controller deals with all applied User’s rights for free. However, if User’s application to apply the right is unreasonable or inappropriate, particularly because such application is repeated without a fair reason, the Controller shall be entitled to ask the  User for a compensation (with regards to administrative costs related to provision of requested information or communication, or to taking requested acts); or the Controller shall be entitled to refuse User’s application.

Should the User object to processing of its personal data for a purpose of direct marketing, the Controller shall be obliged to satisfy such application.

6. Controller’s contact information

The User can contact the Controller at following e-mail address: report-abuseconvertingteam.com.

The User can also address its proposals or complaints to the Office for Personal Data Protection. Contact details of the Office for Personal Data Protection are stated at https://www.uoou.cz/en.

This Privacy Policy is valid and effective as of 1st June 2021.