PROCESSING AND PROTECTION OF PERSONAL DATA - SpreadCharts s.r.o.
YOUR DATA IS SAFE WITH US
If you are our customer, subscriber, or visitor to the site, you are providing us your personal information. We are responsible for their protection and security. Please be aware of the privacy, policy, and rights you have in connection with the GDPR (General Data Protection Regulation).
Who is the administrator?
We are the team of SpreadCharts s.r.o., based in Korunní 926/30, 120 00 Praha 2, Company registration number 01909321, VAT registration number CZ01909321, represented by the Executive Director Jan Rohrbacher. We run the website spreadcharts.com and application at app.spreadcharts.com. We are in the position of an administrator with respect to your personal data: We determine how personal data will be processed, for what kind of purposes, for how long and how many additional processors will assist us in processing.
How can you contact us?
If you wish to contact us during processing, you can contact us at the following e-mail address: system(at)spreadcharts.com
We declare that, as the administrator of your personal data, we comply with all legal obligations required by applicable law, in particular the Personal Data Protection Act and the GDPR, and that:
- we will process your personal data only on the basis of a valid legal reason, namely the legitimate interest, fulfilling the contract, legal obligation or given agreement.
- with the GDPR obligation under Article 13 we comply a prior notice to the processing of personal data
- we will allow you and we will support you in filling and enforcing your rights under the Personal Data Protection Act and the GDPR.
Extent of personal data and purpose of processing
We process personal information you entrust to us for the following reasons (to fulfil these purposes):
- Provision of services and performance of the contract
your personal data in the extend of: billing information, e-mail, telephone, or mailing address, which we need to fill the contract (eg sending login login credentials, password, premium content, etc.).
If you are a customer, we need your personal data (billing information) to comply with the statutory obligation to issue and record tax documents.
We use your personal information (email and name), gender, what you click on in e-mail and when you open with highest probability for direct marketing - sending business messages, news from markets, information about new features of our applications. If you are our customer, we are doing so because we can suppose that you are interested in our news.
If you are not our customer, we will send you newsletters only based on your agreement, for a period of 5 years from now.
We may also send you inspirational third-party offers or use your email address, for example, for remarketing and targeting your Facebook ad, with your agreement only for a maximum of 1 year from your agreement. This can, of course, be withdrawn at any time through our contact information.
Providing of personal data to third parties
Our employees and co-workers, who are confidential and trained in the security of personal data processing, have access to your personal data.
Most of the processing operations are handled by ourselves and we do not need the 3rd parties.
In order to provide some specific processing operations that we cannot provide ourselves, we use the services and applications of processors who specialize in the processing and are in compliance with the GDPR.
They are the providers of the following platforms and services:
AWS EC2, SES - server infrastructure, mail server
Amazon Web Services, Inc., 410 Terry Ave North, Seattle, WA 98109-5210, USA
Fastspring - payment processor
Bright Market, LLC d/b/a FastSpring, 801 Garden St. #201, Santa Barbara, CA 93101, USA
Drip.com - Email and marketing solutions
Avenue 81 Inc., 251 1st Avenue North Suite 200, Minneapolis, MN 55401, USA
Facebook - FB pixel
Facebook Ireland Ltd, 4 Grand canal square, Dublin 2, Irsko, VAT IE9692928F
Google - Gmail, Google Analytics
Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
It is possible that in the future we will decide to use other applications or processors to facilitate and improve the processing. However, we promise you that in this case we will set on the processor the same maximum requirements for the security and quality as we keep on ourselves.
Ads targeting cookies will only be processed based on your agreement.
Security and Privacy
We protect personal data to the fullest possible extent using modern technologies that are correspondent to the level of technical development. We protect them as if they were our own. We have accepted and maintained all possible (currently known) technical and organizational measures that prevent the misuse, damage or destruction of your personal information.
Transmission of data outside the EU
We process data only in the European Union or in countries that provide an adequate level of protection on the basis of the European Commission's decision.
Your rights in relation to the protection of personal data
You have a number of rights in relation to the protection of your personal data. If you wish to use any of these rights, please contact us via email: system(at)spreadcharts.com.
Thanks to access law, you can ask us at any time and we will provide you with a notice within 30-days on how we process your personal data and why.
If anything changes or you find your personal information outdated or incomplete, you have the right to add and change your personal information.
You have the right to limit your data processing if you think we are processing your inaccurate data, or you think that we are processing it illegally, but you do not want to delete all the data, or if you raise objection to the processing. You can limit the range of personal data or processing purposes. (For example, signing out from the newsletter restricts the purpose of processing when sending business messages.)
The right of portability
If you would like to take your personal information and transfer it to someone else, we will proceed as we would do with the right of access - except that we will deliver the information in machine-readable form. Here we need at least 30 days.
Right to be deleted (be forgotten)
Your next right is the right to be deleted (be forgotten). We do not want to forget about you, but if you wish to do so, you have the right. In this case, we will delete all your personal data from the system and from the system of all partial processors and backups. We need 30 days to secure the right process of deleting.
In some cases, we are bound by a statutory obligation and, for example, we must record the tax documents issued after the statutory time. In this case, we will delete all such personal data that is not bound by any other law. We will notify you by e-mail about the completion of the deletion.
Complaint at the Office for Personal Data Protection
If you feel that we do not comply with the law regarding your data, you have the right to appeal at any time to the Office for Personal Data Protection. We will be very pleased if you first inform us about this suspicion, so we can do something about it and correct any misconduct.
Unsubscribe from newsletters and business announcements
Emails with inspiration, articles or products and services are sent to you when you are our customer based on our legitimate interest. You can unsubscribe via the unsubscribe link in every email.
Please be assured that our employees and co-workers who process your personal information are required to maintain confidentiality about personal information and security measures whose disclosure would compromise the security of your personal information. Without your permission, your personal data will not be released to any third party.
These privacy policies apply from May 25, 2018.