Privacy Policy responsiblo for the clients of HracíAutomaty.cz
1. Introduction
Welcome to the website of responsiblo, s.r.o., with registered office at Varšavská 715/36, 120 00 Prague 2, ID No. 19428588 (hereinafter referred to as "we" or "Company"). We pay great attention to the protection of the personal data of our users and are committed to processing them in accordance with applicable law, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council, known as GDPR, and Czech law. This document, referred to as the "Personal Data Policy" (the "Policy"), explains how we collect, use and protect the personal data of users of our website ("Users"). Your personal data is processed only after you have given your consent, which can be withdrawn at any time, or on the basis of other legal bases defined in the GDPR.
2. Personal data collected
The collection and processing of personal data only applies to clients who have purchased our training program directly through our website. For these clients we collect the following personal data:
- First and last name: For user identification and invoicing.
- Billing address: required for correct invoicing and tax purposes.
- Email address: Used for communication regarding orders, sending confirmations, course information and billing.
- Phone Number (optional): May be used for quick communication for questions regarding your order or to inform you of course changes.
- IP address: Collected for security purposes and to detect fraudulent activity.
- Payment Information: Information about the payment method used to process the payment. Please note that sensitive payment information (such as credit card numbers) is not directly collected or stored by our systems, but processed through secure payment gateways.
We also collect other data that Users voluntarily provide to us in the course of our interactions or through the web form, such as specific course requests or inquiries.
We collect only a limited amount of data for clients who use our education program through partners such as bookmakers, online casinos, or other entities or organizations. This data includes:
IP address: this address is collected for identification and security purposes, as well as for the analysis and optimization of our services. Information about the region or country: We collect this information for statistical purposes and to better understand the geographic distribution of our users. This information alone does not allow direct identification of individual users.
In these cases, we do not process personal data such as name, surname, address, etc., as we are not directly the data controller of this data. The data controller in these situations is the relevant partner entity and the processing of this data is governed by its own privacy policy. Our role is limited to processing the above data in accordance with the relevant data protection laws and regulations.
3. Purposes of the processing of personal data
Personal data collected on our website is processed for the following purposes:
Provision of services through our website: This includes processing the data necessary to register users, manage user accounts, process and process orders, provide customer support and communicate with you about our services.
Marketing activities: data processing for direct marketing purposes, including sending newsletters, promotional offers or information about new products and services, if you give your explicit consent. This also includes customer segmentation for targeted advertising and marketing.
Analysis and improvement of our services: your data may be used for internal analysis and research to understand your needs and preferences, which helps us improve the quality of our services, websites and products.
Administrative purposes and compliance with legal obligations: processing of personal data may also be necessary for administrative purposes such as accounting, auditing, compliance with legal and regulatory requirements, or to respond to requests from public and government authorities.
Ensuring security and integrity: processing is further used to ensure the security and integrity of our services, websites and systems, including the prevention and detection of fraud, unauthorized access to systems, data breaches and other security incidents.
Communication with users: Your personal information allows us to communicate with you, respond to your questions, complaints or provide information you have requested.
4. Legal basis for processing
The processing of personal data of our website users is based on the following legal grounds:
User consent: this basis applies where you have given us your explicit consent to process your personal data for specific purposes. You may withdraw this consent at any time, but this does not affect the lawfulness of processing carried out on the basis of consent prior to its withdrawal.
Performance of a contract: The processing is necessary for the performance of a contract to which you are a party or for the performance of measures at your request before the conclusion of the contract. This includes, for example, the processing of data for the purpose of fulfilling an order.
Legitimate interest: processing is necessary for the purposes of the legitimate interests pursued by us or a third party, unless these interests are overridden by your interests or fundamental rights and freedoms requiring the protection of personal data. Examples include processing for direct marketing purposes, IT infrastructure security, or fraud prevention.
Legal obligations: processing may be necessary to comply with a legal obligation to which we are subject as a data controller. This may include, for example, obligations under tax or accounting law.
5. Transfer of data to third parties
Your personal data may be shared with the following categories of third parties:
Service and product providers: for the purpose of providing and improving our services and products, such as payment gateways for payment processing, cloud service providers for data storage and external IT service providers for securing our IT infrastructure.
Marketing and analytics services: to analyze the use of our services and to target and optimize marketing campaigns if you have given your consent.
Partner entities: if you use our services through partner entities such as bookmakers or online casinos, limited data such as IP address may be shared to ensure the quality and security of the service.
Legal authorities and regulators: where we are under a legal obligation to do so or where it is necessary to protect our rights, to protect your safety or the safety of others, to investigate fraud or in response to a government request.
In the event of a merger, acquisition or other transfer of all or part of our assets: personal information may be part of the transferred assets.
Your personal data will not be sold to third parties. All third parties with whom we share your data are obliged to treat your data in accordance with the law and ensure adequate data protection.
6. Your rights
As a user of our services, you have the following rights relating to your personal data:
Right of access: you have the right to obtain confirmation from us as to whether we are processing your personal data and, if we are, you have the right to obtain access to that data and information about its processing.
Right to repair: If your personal data is inaccurate or incomplete, you have the right to request that we correct or complete it without undue delay.
Right to erasure ("right to be forgotten"): In certain circumstances, you have the right to request the erasure of your personal data, for example if the data is no longer necessary for the purposes for which it was collected or processed.
Right to restriction of processing: in certain cases, such as doubts about the accuracy of the data or objections to processing, you have the right to request that we restrict the processing of your personal data.
Right to data portability: you have the right to obtain the personal data you have provided to us in a structured, commonly used and machine-readable format, and you have the right to transfer this data to another controller without hindering us.
Right to object: You have the right to object at any time to the processing of your personal data on grounds relating to your particular situation where the processing is based on legitimate interest, including profiling.
Right to lodge a complaint with a supervisory authority: If you feel that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with the Data Protection Authority or another competent supervisory authority in your country.
To exercise these rights or for further questions, you can contact us electronically at info@responsiblo.com. We aim to respond to all legitimate requests within one month.
7. Legal framework and compliance
The protection of personal data of natural persons, i.e. personal data of the User, is provided in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as "GDPR"), and with Czech Act No. 101/2000 Coll., on the protection of personal data, as amended, and with effect from 25 May 2018. The User is informed of his/her rights under the GDPR, in particular the rights arising from Articles 12 to 23.
8. Security and data protection
responsiblo, s.r.o. places great emphasis on the protection of personal data and the security of our systems and networks. We implement a number of technical and organisational measures to ensure that your data is protected from unauthorised access, loss, misuse or damage. Our security measures include:
Network security: We use state-of-the-art firewall and other advanced technologies to protect our network infrastructure from unauthorized access and attacks.
Data encryption: sensitive data, including personal data, is encrypted during transmission using SSL/TLS technology.
Access rights: access to personal data is limited to those employees and third parties who need the data to perform their job duties. All employees and external collaborators are bound by confidentiality and data protection agreements.
Regular security audits and testing: We conduct regular security audits and penetration tests of our systems to identify and fix any potential vulnerabilities.
Protection against malware and viruses: Systems are protected with the latest versions of antivirus and antimalware software.
Data backup: we regularly back up data to ensure its recovery in the event of technical or other failures.
Data Leakage Protection: we implement a Data Leakage Prevention (DLP) solution to monitor and control data flows and prevent unauthorized transfer of sensitive information.
In the event of a personal data breach, we have a process in place to respond quickly and limit any potential impact on users, including the obligation to notify the relevant authorities and affected data subjects in accordance with legal requirements.
9. Contact
For questions regarding the processing of your personal data, please contact us at: info@responsiblo.com.
Effective date: 12.06.2024