Principles of personal data protection (GDPR)_RECAS-TEC s.r.o
General note
Data protection refers to personal information, i.e. all data that can identify or enable the identification of a specific natural person, known as a data subject. This includes, for example, personal data such as name, postal address, e-mail address and telephone numbers.
Purpose and scope
Privacy protection in the processing of personal data and ensuring the security of all business information is for RECAS-TEC s.r.o. a key priority. We process personal data carefully and in accordance with applicable laws and the EU General Data Protection Regulation (GDPR). We consider respecting your data protection rights as an integral part of our social responsibility. This data protection regulation applies to RECAS-TEC s.r.o., as well as to their management and employees.
Administrator and his representative
In terms of the EU General Data Protection Regulation (GDPR), he is responsible for:
RECAS-TEC s.r.o.
Upper Libchavy 276
CZ-561 16 Libchavy
Represented by Dušan Klos, managing director
Phone: +420 607 080 826
By email: dusan.klos@recas-tec.cz
Website: https://www.recas-tec.cz
Lawfulness of processing
In accordance with Article 13 of the GDPR, we inform you about the legal basis on which we base our data processing. If the legal basis is not expressly stated in our data protection statement, the following legal bases apply:
- consent to data processing – Article 6 paragraph 1 letter a) and Article 7 GDPR.
- data for the purpose of fulfilling our services and contractual obligations – Article 6 paragraph 1 letter b) GDPR.
- Data for the fulfillment of our legal obligations – Article 6 paragraph 1 letter c) GDPR.
- data to protect our legitimate interests – Article 6 paragraph 1 letter f) GDPR.
- personal data are required by the essential interests of the data subject or other natural person – Article 6 paragraph 1 letter d) GDPR.
Data processing
Personal data is any information that relates to a specific or identifiable person. The data subject is the person about whom these personal data are processed. Processing includes any operations with personal data, regardless of the means and procedures used, in particular the storage, access, retrieval, deletion, storage, modification, disposal and use of personal data.
Special categories of data
Regarding special categories of personal data according to Article 9, paragraph 1 of the GDPR (e.g. data on health status or ethnic origin), they are processed under the following conditions:
- On the basis of Article 9 paragraph 2 letter b) GDPR, if the processing is necessary for the fulfillment of obligations and the exercise of specific rights in the field of labor law and social security and protection law.
- On the basis of Article 9 paragraph 2 letter c) GDPR, if the processing is necessary to protect the vital interests of the data subject or another person.
- On the basis of Article 9 paragraph 2 letter h) GDPR, if the processing is necessary for health or social care, diagnosis, treatment or administration of systems and services in the field of health or social care.
- On the basis of Article 9 paragraph 2 letter a) GDPR, if the data subject has given express consent to processing for one or more specific purposes.
Data retention period
We process personal data for the time necessary for the given purpose or purposes. If we are required to store data for a longer period due to legal or other obligations, processing is limited to the necessary minimum.
Recipients of personal data
Within the company, only those who need it for specific purposes have access to personal data. External recipients will only obtain personal data if they have a legal basis to do so or the consent of the data subject.
Transfer of data to third countries
If we process data outside the European Union (EU) or the European Economic Area (EEA), or if we use the services of third parties, or if we make available or transfer data to other persons, institutions or companies, this is always done in accordance with legal requirements. Data processing in third countries takes place only on the basis of express consent, contractual or legal requirement. For this, we only use countries with a recognized level of data protection, binding contractual terms through standard protection clauses of the European Commission, or other certifications or binding internal data protection regulations (Article 16 DSG, Article 44-49 GDPR). More detailed information can be found on the information page of the European Commission: Data protection in the EU.
Cookies
This website uses cookies, which are text files that store information from visited websites or domains that are stored on the user’s computer through the browser. Cookies are primarily used to store information about the user during or after their visit. For example, they may include language settings, login status, shopping cart contents, or where the video was interrupted. The term “cookies” also includes other technologies that perform similar functions, such as pseudonymous online identifiers known as “User IDs”.
Temporary cookies (session cookies): These files are deleted at the latest after closing the browser and leaving the website.
Persistent cookies: These files remain stored even after the browser is closed, which, for example, allows you to remember your login status or display your preferred content the next time you visit the website. Persistent cookies can also store user interests for the purposes of measuring reach or marketing.
First-party cookies: These files are set by us.
Third-party cookies: These files are used by third parties, such as advertisers, to obtain information about users.
Necessary cookies: These files are necessary for the operation of the website, for example to store login data or for security reasons.
Statistical, marketing and personalization cookies: These files are used to measure traffic and store user interests or behavior (eg viewing certain content) in order to show users relevant content. This process is known as “tracking”.
Legal bases of processing
The legal basis for processing your personal data using cookies depends on whether you have given consent. If you have agreed to the use of cookies, this consent is the legal basis for the processing of your data. Otherwise, data processing is carried out on the basis of our legitimate interests, for example for the commercial operation of our online offer and its improvement, or if the use of cookies is necessary to fulfill our contractual obligations.
Storage time
Unless otherwise stated, assume that persistent cookies may be stored for up to two years.
Appeals and objections (opt-out)
You have the option to withdraw your consent or object to the processing of your data using cookies at any time. You can do this by setting your browser, for example by deactivating cookies (which may affect the functionality of the website). You can object to the use of cookies for online marketing via websites such as About Ads and Your Online Choices. You can also find more information about the possibility of objection in the section of information about service providers and cookies used.
Our website uses cookie consent management, where users can give their consent to the use of cookies or data processing as indicated in this management. This consent is stored so that users do not have to ask repeatedly and it is possible to document consent according to legal requirements. Storage can take place on the server or through cookies (so-called opt-in cookies) or other comparable technologies, in order to assign consent to the user or his device. Unless otherwise stated, consent can be stored for up to two years. When consent is granted, a pseudonymous user identifier is created and stored together with information about the scope of consent (e.g. which categories of cookies and service providers) and the browser, system and device used.
Types of data processed: usage data (e.g. visited websites, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
Affected persons: users (e.g. website visitors, users of online services).
Legal basis: consent (Article 6 paragraph 1 letter a GDPR), legitimate interests (Article 6 paragraph 1 letter f GDPR).
Web analytics
Privacy statement for SSL/TLS encryption
For the security and protection of the transmission of confidential information, such as your inquiries, our website uses SSL/TLS encryption. You can recognize an encrypted connection by the address in the browser changing from “http://” to “https://” and a lock symbol appearing. Activated SSL/TLS encryption ensures that the data you send us cannot be read by third parties.
Data transfer security (without SSL)
Keep in mind that data transmitted over open networks such as the Internet or an email service without SSL encryption can be seen by anyone. You can recognize an unencrypted connection by the address “http://” and the absence of a lock symbol in the browser. Information transmitted over the Internet may pass through a third-party network, which may reduce the confidentiality of your data. We cannot guarantee the security of your communications over open networks and are not responsible for any losses incurred during transmission. We recommend using more secure communication methods if necessary.
Despite our technical and organizational security measures, data can be lost or intercepted by unauthorized persons. We take appropriate measures to prevent these events within our system, but your computer is beyond our control. It is your responsibility to inform yourself and take the necessary safety precautions. It bears no responsibility for damages caused by loss or manipulation of data. Data entered in online forms may be transferred to third parties for order processing.
Data protection statement for server log files
The provider of this site automatically collects and stores information in server log files that your browser automatically transmits. This information includes:
- Browser type and version
- The operating system used
- URL of the referring page
- The hostname of the accessing computer
- Server request time
These data cannot be assigned to specific persons and are not merged with other data sources. We reserve the right to review this data retrospectively if specific indications of illegal use appear.
MailShare
Content from our website and social networks can be shared via e-mail (so-called MailShare). When sending an e-mail with this function, the data protection regulations of the relevant e-mail provider (eg Gmail, GMX, Hotmail, or employer’s e-mail) apply. The data entered by the user for the MailShare function is not stored by us.
Built-in third-party services and social plugins
Services and content from third-party providers such as Facebook, Twitter and YouTube are integrated on our website through so-called social plugins that may use cookies. RECAS-TEC s.r.o. has no control over the data collected by these social networks through the respective plugins. Information about the purpose and scope of data collection, its further processing and use, as well as about privacy rights and settings, can be found in the privacy policies of the respective providers.
Meta Social Plugins (Facebook/Instagram) – Facebook is operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Meta’s privacy policy is available here: Meta Privacy Policy.
YouTube Social Plugins – YouTube is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. YouTube’s privacy policy can be found here: YouTube Privacy Policy.
X Corp Social Plugins (Twitter) – Twitter is operated by X Corp., 1355 Market St, Suite 900, San Francisco, CA 94103, USA. The privacy policy of X Corp (formerly Twitter) can be found here: Twitter Privacy Policy.
LinkedIn Social Plugins – LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. LinkedIn’s privacy policy is available here: LinkedIn Privacy Policy.
Privacy policy for the contact form
If you send us an inquiry via the contact form, your details from the form, including the contact information you have provided, will be stored for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.
Contract services
We process the data of our contractual and business partners, such as customers and interested parties (hereinafter referred to as “contractual partners”), within the framework of contractual and similar legal relationships, both when concluding contracts and during related measures and communication (including pre-contractual communication). We process this data for the purpose of fulfilling our contractual obligations, protecting our rights and for administrative purposes related to these activities and the organization of the company. We share the data of contractual partners with third parties in accordance with applicable law only to the extent necessary for the above purposes, to fulfill legal obligations, or with the consent of the persons concerned (e.g. with auxiliary services, subcontractors, banks, tax and legal advisors, payment service providers or tax authorities). We inform contractual partners about other processing methods, such as marketing purposes, in the context of this data protection declaration.
Information for contractual partners
We inform contractual partners about which data are necessary for the above purposes before or during their collection, for example through online forms, special markings (colors, symbols, stars, etc.) or in person. We delete the data after the expiration of the legal warranty periods and similar obligations, i.e. generally after 4 years, if the data is not stored on the customer account. If it is necessary to keep data for legal archiving reasons (e.g. tax purposes, usually 10 years), we keep it in accordance with these requirements. We delete data provided by contractual partners as part of orders in accordance with the terms of the order, usually after its completion.
Customer’s account
Contractual partners can create an account within our online offer (e.g. customer or user account, hereinafter referred to as “customer account”). If the registration of a customer account is necessary, we inform the contractual partners about the required data. Customer accounts are not public and are not indexed by search engines. During registration and subsequent use of a customer account, we store customer IP addresses along with access times in order to prove registration and prevent possible misuse. If the customer closes their customer account, the data related to the account will be deleted, unless their retention is required for legal reasons. Customers are responsible for backing up their data after account termination.
Market analysis and research
For business purposes and to identify market trends and needs of contractual partners and users, we analyze data about business transactions, contracts and inquiries. Analyzes are used for business evaluation, marketing and market research, e.g. to determine groups of customers with different characteristics. We use the analyzes internally and do not publish them unless they are anonymous summary analyses. We process data for the purposes of analysis as pseudonymously and anonymously as possible.
Business communication via Microsoft Teams and SharePoint
We use Microsoft Teams for normal business communication, such as online meetings or video conferencing. If online meetings are to be recorded, we will inform you in advance and ask for your consent. If it is necessary to record the content of the online meeting, we will also save the content of the chat. Microsoft Teams is a service of Microsoft Ireland Operations, Ltd. The extent of data processed depends on the information provided and what information you share when participating in online meetings.
Processed data
- User information: display name, email address, profile picture (optional), preferred language
- Meeting metadata: date, time, meeting ID, phone number, location
- Text, audio and video data: data from your device’s chat, microphone and camera
More information about data protection when using Microsoft Teams can be found here: Microsoft Teams Privacy.
Data security
The company RECAS-TEC s.r.o. takes care of your data that we manage and will ensure that it is protected from unwanted or illegal access. For this, we use the necessary technical and organizational measures, which we constantly update according to the development of technology.
Processing of sensitive data
Processing of sensitive personal data takes place only in accordance with the law. If the law requires or allows it, RECAS-TEC s.r.o. may process this data based on your express consent or if necessary for legal claims.
Minimization and data retention period
The collection and storage of personal data is limited to the extent necessary for the given purpose and is kept only for the time strictly necessary. If there are legal retention requirements, we comply with them. Your data will be deleted as soon as it is no longer needed for the given purpose.
Rights of the data subject
- Right to confirmation: Every data subject has the right to find out whether his personal data is being processed.
- Right to information: Everyone has the right to obtain information about their personal data stored by the website operator.
- Right to rectification: Every data subject can request the correction of their personal data if they are incorrect.
- Right to erasure (right to be forgotten): Every data subject can request the erasure of their personal data under certain conditions.
- Right to restriction of processing: Every data subject can request restriction of processing of his personal data under certain conditions.
- Right to data portability: Every data subject has the right to transfer their personal data to another organization.
- The right to object: Every data subject has the right to object to the processing of their personal data.
- Right to withdraw consent: Every data subject has the right to withdraw consent to the processing of their personal data.
Changes
This privacy policy is effective as of June 1, 2024 and may be updated as necessary.