Dear customers,
the protection of your privacy and personal data is essential for us. Therefore, please pay attention to this document, where you will find all the necessary information regarding your personal data processed by the personal data controller, company Schwarzsoft s.r.o., identification no.: 07048904, with registered office at Palackého 629/9, 779 00 Olomouc, registered in the Czech Commercial Register administered by the Regional Court in Ostrava, section C, entry 77951 (hereinafter as “Provider”), in connection with the operation of website instagto.com (hereinafter as “Website”) and Software “InstaGTO” (hereinafter as “Software”).
For any questions regarding the protection of privacy and the exercise of your rights, please, do not hesitate to contact us:
- e-mail: info@instagto.com
- For what purposes and what personal data do we process?
Thus, we process your personal data primarily for the purposes of negotiating and fulfilling our contractual obligations towards our Customers. For this purpose,
- Conclusion and performance of contracts with the Customer
We process personal data to provide the Software to our customers (hereinafter as “Customers”). In order to be able to use the Software, the Customer has to register on our Website and open a user account and purchase one of currently available subscriptions to the Software. Terms of use of the Software are governed by a license agreement (EULA) to which the Customer agrees in the course of installation of the Software.
Thus, we primarily process personal data of the Customers to negotiate, conclude and fulfil the contracts between us and the Customers (namely contracts on setting up a user account of the Customer, particular orders of the subscriptions to the Software and the license agreement).
For this purpose, we need the following personal data:
- Identification and contact details of the Customer: name, surname, date of birth, delivery address, e-mail),
- payment details of the Customer (depending on the chosen payment option),
- login data to access the user account: username, encrypted password,
- data from communication with the Customer and information about the performance of the contract with us.
Without the above data, it is not possible to conclude or fulfill the respective contracts with our Customers.
- Obligations of the Provider arising from legislation
In addition to the above, we often have to process personal data to comply with our legal obligations. In particular, we have to process personal data of our Customer to the extent required by the relevant legislation in connection with our obligations in the field of accounting and related tax obligations, or obligations imposed by the Archiving Act.
- Legitimate interests of the Provider
In justified cases, we may also process personal data on the basis of a legal title, which is the protection of our legitimate interests. However, we always thoroughly assess and ensure that the interest in processing of your data for this purpose does not unduly intervene with your privacy.
Proof of conclusion of the contract with Customer in electronic form: The contracts with the Customers are always concluded by electronic means. In order to protect our legitimate interests (to be able to prove the conclusion of the Contract with a particular Customer and their consent to our terms and conditions), we store the data necessary to identify the Customer and the version of the terms and conditions they have consented to in the form of an electronic time stamp.
Defense of the Provider’s rights: We further process personal data of our Customers for the purposes of protecting our legitimate interest, which is to ensure the possibility of our defense in potential legal disputes, court proceedings or inspections by state or other public authorities (typically the Czech Trade Inspection etc.). We process the data in order to be able to prove, if necessary, that we have acted in accordance with our contractual obligations and legal regulations. In this context, we typically process the identification and contact data of the Customer, information about the concluded contracts, their performance and data from communication with the Customer.
Analysis and improvement of the Website and the Software: We may further process personal data of visitors of our Website and/or Customers using the Software and user account for the purposes of analyzing the use of the Website, Software and Customers and further improving it. For these purposes, we may collect and further process data such as IP address, date and time of access to the Website or Software, use of its functions, login history, information about the internet browser, the device used or language settings.
- Sending newsletters (commercial communications)
In the case of Customers with whom we have concluded a contract and in connection with this we have obtained their e-mail and/or telephone number, we process their personal data in the scope of e-mail and telephone number for the purpose of sending information and news about our services and products (commercial communications).
The processing of personal data for the purpose of sending commercial communications is based on the legitimate interest of the Provider in informing the Customers about the latest offers of the Provider.
If you no longer wish to receive these newsletters from us, you may unsubscribe at any time, free of any charge. The unsubscribe link is in each newsletter sent. Alternatively, you can unsubscribe by managing your preferences in your user account or by contacting us using the contact email address stated above in this document.
- From whom do we receive personal data and to whom do we pass it on?
We collect personal data from the Customers – the data subjects. You are obliged to provide us only with accurate data and if your personal data changes, you must update the data.
We may hand over personal data under the conditions set out by law to public authorities for which the law requires us to do so, or if the authority so requests within the limits of its competences.
We use the following processors for data processing:
- Leadhub – Mailing client (only emails) – Leadhub s.r.o., IČO: 044 66 683
- Pampo s.r.o – Accountant (isued invoices only) – PaMPO, spol. s r.o., IČO: 49611356
- Fakturoid – Billing online client (issued invoices only) – Fakturoid s.r.o., IČO: 04656679
Unless otherwise stated above, personal data is not transferred outside the EU.
- How do we process personal data?
We process your personal data manually in accordance with the relevant purpose, where manual processing is necessary or appropriate. When managing your data, our employees or other persons working for us may act, including for the purpose of correcting errors, inaccuracies, etc. However, such persons may process personal data only under the conditions and to the extent stated above and are bound by the obligation of confidentiality about personal data and security measures the disclosure of which would compromise the security of personal data.
Personal data may be processed electronically by automated means, specifically within the system ensuring the operation of the Application or the systems of individual processors, as mentioned above.
We always process personal data in accordance with the relevant legislation and provide them with due care and protection. We make sure that you do not suffer harm to your rights, in particular the right to preserve human dignity and your private and personal life.
- How long do we process personal data?
- Contract
The personal data processed for the purposes of concluding and fulfilling contracts with the Customers are only processed for the duration of the relevant contract (e.g., for the duration of the Customer’s registration or duration of the purchased Subscription).
After that, we may still process personal data for the following purposes:
- Legal obligations
We process personal data processed under our legal obligations within the time limits required by the respective legal regulations.
We must process the personal data required by the legislation regulating the Tax and Accounting obligations of the Provider (typically billing data and information about the provided performance) for accounting and tax compliance purposes. The processing period is 5 years from the end of the accounting year, in the case of documents relevant for VAT payments, it is 10 years from the end of the tax period in which the transaction took place.
We archive relevant personal data in accordance with the requirements of the Archiving Act.
- Legitimate interests
The data processed to protect our legitimate interest of our defense against claims of Customers, or third parties, including saving time stamps proving conclusion of a contract with the Customer, are processed for the duration of the relevant limitation periods, which may last for up to 15 years from the occurrence of the relevant event. Unless a relevant claim is made or procedure is commenced, the data is typically processed for 5 years from the termination of the contract with the Customer.
The personal data processed for the purposes of analyzing and improving the Software and Website is processed for [2 (two) months.]
- Sending commercial communications
We send commercial communications and process personal data for these purposes until you unsubscribe in accordance with the procedure set out in paragraph 1.4 of this document.
- Longer processing
Personal data may be processed for a longer period than that set out above where there is a relevant reason for further processing, typically an administrative or legal proceeding is initiated for which the personal data is relevant.
- What are your rights?
First of all, you have the right to ask us to access your personal data, including making a copy of all your personal data. You can do this by using the e-mail provided in the header of this document.
Withdrawal of consent to processing: If we process your personal data on the basis of your consent, you can withdraw your consent to their processing at any time freely and free of charge, via contact email stated above. In such case, we will no longer process your personal data processed on the basis of your consent.
In case of personal data that is not processed on the basis of consent, it is not possible to withdraw consent to the processing. However, we will always assess, upon your request, whether it is still necessary to process your personal data for any of the above purposes.
Your further rights:
We will always inform you about:
- the purpose of processing personal data,
- personal data or, where applicable, categories of personal data subject to processing, including any available information about their source,
- the nature of the automated decision-making, including profiling and information relating to the procedure used, as well as the relevance and expected consequences of such processing for the data subject,
- beneficiaries and, where appropriate, categories of beneficiaries,
- the planned period during which the personal data will be stored or, if it cannot be determined, the criteria used to determine that period,
- all available information about the source of personal data unless it is obtained from you.
Your other rights include:
- to ask us for an explanation,
- to require us to remove the situation, in particular blocking, repairing, supplementing, restricting the processing or destruction of personal data (right to be forgotten),
- to request personal data relating to you in a structured, commonly used, and machine-readable format and transfer this data to another controller without hindering it in any way;
- to submit a question or complaint to the Office for Personal Data Protection (Úřad pro ochranu osobních údajů), website: uoou.cz.
- to object to the processing of personal data concerning you.
- How we protect your personal data
We protect your data. In particular, the following security resources are used for this purpose:
No one else has access to the client data, the passwords are hashed so they cannot be decrypted.