According to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons in connection with the processing of personal data and on the free movement of such data and on the repeal of Directive 95/46/EC
This Policy sets out the types of personal data we collect and process when you use our services or enter into another contract with us, as well as how your personal data is used, shared and protected. Here you will also find an explanation of the options available to you in relation to your personal data and how you can contact us. We hereby inform you below about the processing of your personal data and your rights in accordance with Article 12 of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons in connection with the processing of personal data and on the free movement of such data and on the repeal of Directive 95/46/EC (hereinafter also referred to as "GDPR").
Personal data means any information about an identified or identifiable natural person; an identifiable natural person is a natural person who can be directly or indirectly identified, in particular by reference to a certain identifier, for example a name, identification number, location data, network identifier or to one or more special elements of physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person
1. Administrator of personal data
1.1 Your data is processed by Decentree software s.r.o., IČO 14263211 with registered office at Nové sady 988/2, 602 00, Brno – Staré Brno (hereinafter referred to as the "Administrator"). The administrator declares that all personal data processed by the administrator is strictly confidential. The administrator handles them in accordance with national legislation and the regulations of the European Union applicable in the field of personal data protection.
1.2 The Administrator collects, stores and uses your personal data in accordance with Act No. 110/2019 Coll. on the processing of personal data (hereinafter referred to as the Act on the Processing of Personal Data), or Regulation of the European Parliament and Council (EU) 2016/679 of April 27, 2016, on the protection of natural persons in connection with the processing of personal data and on the free movement of such data and on the repeal of Directive 95/46/EC (hereinafter referred to as the "GDPR Regulation"). The individual purposes for which the administrator processes personal data are further defined
1.3 The administrator also collects this personal data through its website at www.decentree.com (hereinafter referred to as the “website”).
1.4 These policies are issued by the administrator so that you are sufficiently informed about what personal data the administrator processes, for what purpose, for how long, who will have access to your personal data, and what rights you have. These principles apply to all personal data collected by the administrator, whether they were collected for the purpose of fulfilling a contractual relationship, legal obligation, legitimate interest, or consent granted.
2. Processed personal data
We only process personal data that you give us when filling out the contact form, based on your activity on our website or on the basis of partnership or similar cooperation.
Filling in the contact form:
- E-mail address
Other indirect data:
- Information about the version of the browser and operating system to ensure correct display website
We can process personal data even without your consent only for the following purposes:
- Fulfillment of a contract, the subject of which is the provision of a service or product
- Fulfillment of legal obligations arising for us from generally binding legal regulations.
- Processing within the framework of legitimate interest (e.g. for direct marketing, ensuring safety and protection of life).
2.1 The Administrator is authorized to process the following personal data according to the purpose, according to the categories of personal data, according to the categories of the data subject, according to the categories of recipients and according to the retention period.
Individual processing purposes mean the following:
2.2.1 Fulfillment of the contractual relationship: the relationship between you and the administrator arising on the basis of an order, registration, on the basis of a concluded contract, on the basis of an application and participation in a competition and the like;
2.2.2 Sending commercial communications and offering products and services means: sending commercial offers by electronic mail (e-mail), by short text messages or by telephone call;
2.2.3 Accounting and tax purposes means: accounting records in the sense of accounting and tax legislation;
2.2.4 Personnel, wage agenda means: conclusion of employment contracts, processing of wages, social and health insurance contributions according to Act No. 262/2006 Coll., Labor Code, No. 582/1991 Coll. on the organization and implementation of social security, no. 48/1997 Coll., on public health insurance and on the amendment and addition of some related laws;
2.2.5 Statistical purposes means: anonymized detection of website traffic, monitoring of the number of page views, time spent on the website, type of device from which you access the website. We collect data so that we can improve the quality of the services provided and offer clients relevant content;
2.2.6 Displaying advertisements means: displaying advertisements on websites based on statistically determined customer preferences;
2.2.7 Legitimate interest means: effective defense in the event of a dispute; in such a case, the processing period for personal data is 4 years from the expiry of the warranty period for the goods and is extended by the period during which the dispute is pending. We want to constantly improve the quality of our services and possibly provide new and better services; we want to resist thwarting such activity; therefore, activities that contribute to the fulfillment of this goal are our legitimate interest. A legitimate interest is also processing for the purposes of fraud prevention (e.g. assessing the riskiness of concluding a contract), direct marketing (e.g. offering relevant services to existing customers), transfer of personal data within a group of companies for internal administrative purposes, notification of criminal offenses and transfer of personal data to the relevant authority, ensuring network and information security. This list is only exemplary;
2.2.8 Fulfillment of other legal obligations means: provision of information to law enforcement authorities, provision of information to other public authorities and the like.
2.3 We process your personal data for the period necessary to ensure all rights and obligations arising from mutual legal dealings, at least for the period of processing the order, carrying out the transaction, setting up the service, etc. legal regulations or for the period for which you may have given consent to the administrator. Otherwise, the processing time results from the purpose for which personal data is processed, or is determined by legal regulations.
2.4 We will process your personal data obtained through the website for the entire period of 1 year. If you give us your consent to send you newsletters, we will consider your consent to be valid for 2 years from the date of consent. You can always unsubscribe from receiving newsletters in the manner indicated on this page. Personal data is processed by the administrator manually and automatically.
2.5 Personal data is processed manually and automatically by the administrator. The administrator is authorized to process some information automatically, for example to create statistical information about the traffic of its website.
3. Personal data processed on the basis of consent
3.1 If we obtained your consent to process personal data, it was for one of the following purposes:
3.1.1 You have enabled cookies
4. Rights of the data subject
4.1 As a data subject, you have the listed rights that arise for you from legal regulations and which you can exercise at any time. It is about:
4.1.1 The right of access to personal data, according to which you have the right to obtain from the controller information about whether the controller is processing your personal data. The administrator is obliged to provide you with this information without undue delay. The content of the information is determined by the provisions of Article 15 of the GDPR regulation. The Administrator has the right to request a reasonable payment for the provision of information not exceeding the costs necessary to provide the information;
4.1.2 The right to correct or delete personal data, or restriction of processing, according to which you have the right to have personal data that is inaccurate or incorrect corrected. If your personal data are no longer needed for the purposes for which they were collected, or are processed unlawfully, you have the right to request their deletion. If you do not want to request the deletion of personal data, but only to temporarily limit their processing, you can request a restriction of processing;
4.1.3 The right to request an explanation, in the event that you suspect that the processing of personal data by the administrator is in violation of legal regulations;
4.1.4 The right to contact the Office for the Protection of Personal Data, in case of doubts about compliance with obligations related to the processing of personal data;
4.1.5 The right to data portability, i.e. the right to receive personal data concerning you, which you have provided to the administrator, in a structured, commonly used and machine-readable format, see for more details. Article 20 GDPR;
4.1.6 The right to object to the processing of personal data that is processed for the purpose of fulfilling a task carried out in the public interest or in the exercise of public authority or for the purpose of protecting the legitimate interests of the controller. The administrator will terminate the processing without undue delay if it does not prove that there is a legitimate interest/reason for the processing that outweighs your interest, rights or freedoms;
4.1.7 The right to withdraw consent to the processing of personal data at any time if you have given the administrator consent to the processing of personal data.
5.1 Cookies are short text files that the website sends to your browser. They allow the website to record information about your visit, for example the chosen language and the like, so that the next visit to the website can be easier and more pleasant for you. Cookies are important because without them browsing the Internet would be much more difficult. Cookies enable better use of our website and adaptation of its content to your needs; almost every website in the world uses them. Cookies are useful because they increase the user-friendliness of repeatedly visited websites.
5.2 The administrator may use the following types of cookies on the website:
5.2.1 Relational (i.e. temporary) cookies allow us to connect your individual activities while browsing this website. These files are activated when you open your browser window and are deactivated when you close your browser window. Session cookies are temporary and all these files are deleted when you close your browser.
5.2.2 Persistent cookies help us identify your computer if you visit our website again. Another advantage of persistent cookies is that they allow us to adapt our website to your needs.
6.1 The transfer of data takes place only with selected partners to whom we transfer your data and who are able to ensure such technical and organizational security of your data that unauthorized or accidental access to the data or its other misuse cannot occur. All our partners are bound by confidentiality obligations and may not use the provided data for any purposes other than those for which we made it available to them. Third parties that may have access to your personal data are:
- Facebook Ireland Ltd, 4 GRAND CANAL SQUARE, GRAND CANAL HARBOR, D2 Dublin IRELAND
- Seznam.cz, as, ID: 26168685, Radlická 3294/10, 150 00 Prague;
- SmartSelling as, ID: 29210372, registered at the Regional Court in Brno under registration no. B 7559, represented by David Kirš as a member of the board of directors and with registered office at Netroufalky 797/5, 625 00 Brno
- Google, Mountain View, 1600 Amphitheater Parkway Mountain View, CA 94043 United States. For the transfer of personal data to the USA, there is no Europliean Commission decision on adequate protection, and the transfer takes place on the basis of appropriate guarantees in the form of standard clauses or only to entities involved in the so-called "Privacy Shield". Personal data may be further transferred to the following recipients/categories of recipients:
- suppliers of the administrator
- persons in a different contractual relationship with the administrator (e.g. providers of marketing and advertising services),
- financial institutions and insurance companies.
Under certain, precisely defined conditions, we are obliged to hand over some of your personal data on the basis of valid legal regulations, e.g. to the Police of the Czech Republic, or other law enforcement authorities, including specialized departments (ÚOOZ, Customs, etc.) and other public administration authorities.
Functional cookies – Necessary cookies help the website to be usable by enabling basic functions such as page navigation and access to secure sections of the website. The website cannot function properly without these cookies.
Analytical cookies – Statistical cookies help website owners to understand how visitors use the website. They are collected anonymously and help improve the website. Preference cookies – Preference cookies allow a website to remember information that changes how the website behaves or looks. For example, it's your preferred language or the region you're in.
Marketing cookies – Marketing cookies are used to track visitors on the website and the data is used according to our advertising partners. These companies may use the data to offer relevant and personalized advertising. For this type of advertising, we use the services listed below, within which users are segmented based on common features. It is not possible to associate this data with a specific person.
8. Information and questions
8.1 The data subject can obtain further information about rights and obligations in the protection of personal data on the website www.decentree.com or via e-mail at [email protected]. You can file a complaint regarding the processing of your personal data or non-fulfillment of the administrator's obligations arising from the GDPR to the supervisory authority at any time. The supervisory authority in the Czech Republic is the Office for the Protection of Personal Data, with headquarters in Pplk. Sochora 27, 170 00 Prague 7, www.uoou.cz