TSH/We – The MASCC sp. z o.o. with registered office in nám. Pod Kaštany 1, 16000 Praha 6, Bubeneč, Prague, entered in the Register of Entrepreneurs of the National Court Register kept by the District Court in Bubeneč, REGON (National Official Business Register No.): 131511144, TIN: 6312671209.
GDPR – Regulation (EU) 2016/159 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 74/52/EC (General Data Protection Regulation).
Website – our website and its subpages: themascc.com.
Recipients – entities to whom we may transfer a part of your personal data, in connection with the performance of certain activities or services by them on our behalf. They may not do anything about your personal data until we have instructed them to do so, and only to the extent we have indicated. They will store your personal data securely and only for as long as we indicate or as required by applicable law.
Cookies – the so-called Internet cookies, i.e. tiny information recorded by the server on your computer disc in the form of small text files.
Who will be your data controller?
The controller of your Personal data: The MASCC sp. z o.o. with registered office in Prague (hereinafter referred to as “MASCC” or “we”) at Pod Kaštany 1, 16000 Praha 6. This means that we decide for what purpose the personal data you have provided to us are processed. We want you to know that we make every effort to keep your personal data safe. We do not provide personal data entrusted to us for a fee. You can contact us directly for information regarding the protection of your personal data at: email@example.com.
What data are we talking about?
This includes personal data collected as part of your use of our services, including the services and other functionalities provided by MASCC on the Website and stored in cookies that are installed on our website, as well as the data we have obtained from publicly available sources, such as social media or through third parties that have suggested that we contact you. If you then decide to cooperate with us, additionally there will be all personal data you provide us with.
For what purposes, on what legal grounds and for how long do you process personal data?
In connection with our business, we process various persons’ personal data for different purposes, to different extent and on different legal basis specified in the GDPR. In order to provide you with as clear information as possible, we have grouped this information together, referring to the legal basis for processing your personal data.
We process your personal data for the purposes set out below on the basis of a legitimate interest (Art. 6.1(f) GDPR) of the MASCC, which is:
- marketing activities provided for you, including the MASCC own services marketing;
- contacting you to answer your question via the Website (e.g. contact form, chat), e-mail, social media or any other available means of communication, and with your consent by e-mail and telephone;
- ensuring the security of the services provided electronically, including preventing fraud and abuse, and ensuring the security of traffic;
- conducting research and analysis of MASCC, among other things, to assess the main interests and needs of visitors to our websites;
- evaluation of payment reliability in connection with the conclusion and performance of a contract or cooperation binding on us;
- debt recovery; conducting mediation, court and arbitration proceedings;
- carrying out statistical analyses;
- storage of data for archiving and accountability purposes (i.e. to fulfill legal obligations).
We retain personal data for these purposes to such processing.
If you choose to enter into an agreement with us, we will process your personal data to the extent necessary to carry out the processing. This applies both to contracts concluded within the framework of providing services by electronic means (e.g. sending a newsletter or an e-book) and to cooperation contracts or provision of services. If in connection with the contract concluded (Article 6.1(b) GDPR) it appears necessary for us to process personal data which have been made available or entrusted to you (the data of your Customers), we shall conclude with you an appropriate data protection agreement (DPA), which shall constitute a legal basis for the processing of such data by us.
We shall retain the personal data provided to us under the contract for the contract duration and also on its termination for the following purposes:
- pursue any claims relating to the performance of the contract;
- prevention of fraud and abuse;
- statistical and archiving;
- or a maximum of the limitation periods provided for by law after the contract termination.
Additionally, the law (Article 6.1(c) GDPR) requires us to process your data for tax and accounting purposes. We will retain this information for as long as required by law.
If you give your consent (Article 6.1(a) GDPR), we will process your personal data for the purpose of:
- storing data in cookies, collecting data from websites,
- adding comments to the website (e.g. on our blog).
We will retain personal data collected based on your consent until it is revoked or the purpose it was processed for has been achieved or until it becomes obsolete. You can withdraw your consent to the processing of personal data at any time by sending an e-mail to: firstname.lastname@example.org.
To whom can we share the data?
Subject to applicable law, we may share your data with other controllers or transfer it to processors whom we commence to process the data, such as hosting providers, cloud computing providers, marketing agencies, subcontractors of our services (such as accounting and legal services) and entities entitled to obtain data under applicable law, such as courts or law enforcement agencies, only if they make a request on an appropriate legal basis, of course.
Is providing personal data voluntary?
Providing your data is voluntary. We require you to provide personal data only at the stage of entering into an agreement with us (e.g. in the scope of sending a newsletter or e-book), and then in connection with the need to settle it (i.e. for accounting, tax or protection against claims).
What are your rights regarding your data?
In connection with the processing of personal data, pursuant to the principles set forth in the provisions on the protection of personal data, including the GDPR, you are entitled to certain rights, including:
- the right to access your data, i.e. the right to obtain confirmation from the MASCC as to whether or not your personal data is being processed by us, or to obtain a copy of your personal data. This is to ensure that you are aware of and able to check how the MASCC uses your personal data. We may refuse to provide a copy of your personal information where this could adversely affect the rights of another person;
- the right to rectification, i.e. the right to request the MASCC to rectify any personal data that is inaccurate or incomplete without delay (e.g. where the MASCC processes your incorrect name or address);
- the right to delete your data (also known as the “right to be forgotten”) – it enables you to request the deletion of your personal data if, for example, your data was used illegally, or your consent was withdrawn (if it was the only reason for processing your data). However, the “right to be forgotten” does not constitute an absolute right to erasure of personal data as there are certain exceptions to this right, e.g. where we still need to use the data to establish, pursue or defend legal claims or to fulfill a legal obligation (e.g. under accounting or tax law);
- the right to restrict processing – you have the right to prevent us from further using your personal data if, for example, the MASCC is in the process of evaluating a request for rectification of your data. If the processing of personal data is restricted, MASCC may still store your personal data, but may not further actively use it (e.g. for the purpose of fulfilling a contract).
To the extent that the processing of your personal data is based on a legitimate interest, you have the right to object to the processing of such data. However, the MASCC may continue to process personal data where it is able to demonstrate valid and legitimate grounds for processing overriding your interests, rights and freedoms or where necessary to establish, pursue or defend a claim.
To the extent that the processing of your personal data is based on consent, you have the right to withdraw your consent at any time. The consent withdrawal shall not affect the lawfulness of the processing that has been carried out on the basis of the consent prior to the withdrawal.
If you would like to exercise any of these rights, simply email us at: email@example.com
What is more, you have the right to lodge a complaint with the supervisory authority responsible for the processing of your personal data by us: President of the Personal Data Protection Office (address: Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw).
Do we transfer your data to countries outside the European Economic Area?
Your personal data may be transferred outside the European Economic Area subject to appropriate legal safeguards, such as standard contractual data protection clauses approved by the European Commission or decisions of the European Commission stating an adequate level of protection (e.g. Privacy Shield).
Do we process your data automatically?
Please be advised that we do not make automated decisions, including those based on profiling.
What about Cookies?
Importantly, we want you to know that:
- The internet browser configuration is possible to prevents storage of cookies on the User’s end device.
- The User may delete Cookies after they are saved by the MASCC through: relevant features of the web browser, software intended for that purpose or using appropriate tools available under the operating system of the User.
Please be notified however that change to the web browser configuration that prevents or limits the Cookies storage on the User’s end device may impair the functionality of the services provided. Similar effects may occur when deleting the Cookies in the course of the service provision.
Information on how to delete Cookies in the most popular web browsers are included in the following links:
Use of Google Analytics for website analysis
This website operator notifies that in order to collect and analyze aggregated information on the portal use, it uses the Google Analytics service. Please visit this location to learn more about how this service collects and processes data.
Using Disqus for comments
The data is transferred to Disqus on the basis of your agreement with Disqus, which allows you to use Disqus. The purposes and duration of data processing in Disqus are determined by Disqus itself which we cannot influence.
In this case, your data is processed on the basis of your consent resulting from a comment addition. The data is processed solely for the purpose of publishing the comment on the blog. Some of the data (name and surname, profile photo) will be publicly available on the blog next to your comment.
Should I still know something?
For matters not covered by these Policy, provisions of law and particularly of the Act on provision of services by electronic means, the Act on personal data protection, the Civil Code and GDPR shall apply. MASCC reserves the right to modify the Policy due to significant reasons. The following shall be deemed significant reasons: introduction of new, amendments to the existing legislation, adaptation to changes introduced by MASCC. MASCC notifies of the content of the changes by publishing a notice on the change of Policy at themascc.com. The competent court for any disputes arising from the application of this Policy shall be the competent court under the applicable laws.
The date of the last version of the policy is 11/06/2019.