Privacy policy

Last Modified: November 9, 2023

Introduction

  • In accordance with Act No. 101/2000 Coll. and EU Regulation 2016/679 (hereinafter referred to as GDPR), we provide information about the processing of personal data. The controller of your data is Dogfish s.r.o., ID No. 11897953, with its registered office at Komenského 939/21a, 466 01 Jablonec nad Nisou.

What Information We Collect

  • Customer identification data, i.e., particularly name and surname, username, and password in encrypted form;
  • Customer contact details, i.e., personal data enabling us to contact the customer, such as email address, postal address, telephone number;
  • Customer settings, i.e., data stored in their account, mainly addresses, profiles, and service settings including domain name settings;
  • Data on customer orders, i.e., data on the services they have ordered, the method of their payment;
  • Data on customer behavior on the website, i.e., the pages they view, links they click, how they navigate our website and scroll through screens, as well as data about the device they use to view our website, such as IP address and derived location, device identification, its technical parameters like the operating system, its version, screen resolution, the browser used and its version, as well as data obtained from cookies and similar device identification technologies including locational and access data;
  • Data on customer behavior when reading messages we send them, meaning we store times of message openings as well as data about the device they use to read these messages, which includes IP address and derived location, device identification, its technical parameters like the operating system, its version, screen resolution, the browser used and its version, as well as data obtained from cookies and similar technologies;
  • Operational and locational data related to telecommunication traffic, so-called log accesses, which represent clear and irrevocable evidence of facts and actions towards Dogfish and/or third parties; they have an absolutely confidential character and may be submitted and/or provided only at the request of entities that are explicitly authorized by law. We have adopted all technical and organizational measures to ensure the confidentiality of the connection logs we record and store in accordance with the law. The customer explicitly acknowledges that Dogfish stores these accesses.
  • We reserve the right to retain logs of events created by customer access via the interface reserved for the service that is the subject of the contract, for a period equal to or longer than the duration of the contractual relationship. Once the period set for retaining this data has elapsed, it will be deleted, without the possibility of recovery.

Data Stored by the Customer

  • Dogfish does not and is not able to control data that the customer has stored or acquired via the Internet into a reserved space. Therefore, the customer assumes full responsibility for the security of the stored or acquired data. The customer further undertakes to comply with the legal regulations governing the protection of personal data, including obtaining consent from third parties, if necessary.

How We Collect This Information

  • Dogfish typically processes personal data provided by customers directly in the course of ordering services, creating and using an account, or when communicating with us, for example, by email or in the customer center. Dogfish also obtains personal data directly from customers by monitoring their behavior on our website.

For What Purpose We Collect Your Personal Data

  • The aforementioned personal data are processed for the purpose of fulfilling the contract within the ordered services and other activities to ensure the functionality of the services. Personal data are processed for security reasons and legal reasons, such as the storage of operational and locational data related to telecommunication traffic, so-called log accesses. Personal data are also processed for the preparation of offers and marketing activities based on our legitimate interest.
  • The customer undertakes to comply with legal regulations and directives governing the protection of personal data during the use of our services, including obtaining consent from third parties, if necessary. All responsibility for the security of stored or acquired data related to the protection of personal data rests with the customer. Dogfish is not capable of, and does not carry out, control of these data.

S kým a jak sdílíme vaše osobní údaje

  • Všechny výše uvedené osobní údaje zpracovává společnost Dogfish jako správce. To znamená, že Dogfish určuje účely, pro které jsou shromažďovány osobní údaje zákazníka, specifikuje prostředky jejich zpracování a je zodpovědný za jejich řádné provedení.
  • K zpracování osobních údajů Dogfish také využívá služby dalších zpracovatelů, kteří zpracovávají osobní údaje pouze podle pokynů společnosti Dogfish a pro výše uvedené účely. Mezi takové zpracovatele patří:
    • Poskytovatelé cloudových služeb a další technologie a dodavatelé podpory;
    • Provozovatelé marketingových nástrojů, kteří pomáhají společnosti Dogfish s optimalizací webových stránek, personalizací obsahu a nabídkami pro své zákazníky;
    • Poskytovatelé SMS komunikace a nástrojů pro chatování, v případě, kdy zpracovávají osobní údaje k usnadnění komunikace společnosti Dogfish se zákazníky;
    • Poskytovatelé služeb nezbytných pro provádění objednávek, zejména nákup služeb prostřednictvím platební brány.

Kde a jak dlouho uchováváme vaše údaje

  • Vaše osobní údaje jsou uloženy v databázi v zabezpečeném prostředí, které je pravidelně aktualizováno a monitorováno pro zajištění ochrany vašich informací. Kromě toho spolupracujeme s třetí stranou - platební branou Stripe, pro zpracování určitých transakcí, jako jsou platby. Stripe zpracovává a ukládá platební údaje v souladu se svými bezpečnostními standardy a předpisy ochrany dat.
  • Doba uchovávání údajů je určena podle povahy informací a účelu jejich zpracování. Vaše údaje uchováváme pouze po dobu nezbytnou k plnění smluvních a právních povinností, k poskytování služeb a pro účely, pro které byly shromážděny.

How We Protect Your Personal Data

  • Access to all information collected, stored, and secured in its systems by Dogfish is limited to authorized employees or workers only. Dogfish adheres to all regulations set forth by the law and legal provisions of the Czech Republic and the European Union when handling personal data. Dogfish maintains its systems under constant supervision and continuously implements the latest security findings to ensure the confidentiality of users' personal data, taking measures to limit risks associated with unauthorized access or loss, damage, or deletion of users' personal data.

Customer Rights in the Processing of Personal Data

  • Right to access: The customer has the right to know what data we process about them, for what purpose, for how long, where we obtain their personal data, to whom we transfer it, who processes it outside of our company, and what other rights the customer has regarding the processing of personal data. All this information can be found above. If the customer is not sure what personal data Dogfish processes about them, they can inquire about this fact, and if Dogfish processes such data, the customer has the right to access them. The customer may ask the company for a copy of the processed personal data. The first copy is free, subsequent copies are subject to a fee.
  • Right to rectification of processed personal data that are inaccurate or incomplete: The customer has the right to have the company correct them without undue delay, or possibly supplement them, after proper verification of the customer's identity.
  • Right to erasure: In certain cases, the customer has the right to have the company delete their personal data without undue delay. This applies in the following cases:
    • The company no longer needs the customer's personal data for the purposes for which they were processed;
    • The customer withdraws consent to the processing of personal data, and there is no other reason for the company to continue processing these data;
    • The customer exercises their right to object to the processing of personal data that the company processes based on its legitimate interests, and the company finds that it no longer has such legitimate interests that would justify this processing;
  • The customer believes that the processing of personal data by the company has ceased to be in compliance with generally binding regulations. This right to erasure does not apply if the processing of the customer's personal data is still necessary for the fulfillment of the company's legal obligation or the establishment, exercise, or defense of its legal claims.
  • Right to restriction of processing: Besides the right to erasure, the customer may exercise the right to request that their personal data be marked and not be subject to any further processing operations, not forever (as in the case of the right to erasure), but only for a limited time.
  • Right to object to processing: The customer may object to the processing of personal data that the company processes based on its legitimate interest. Regarding marketing activities, the company will stop processing the customer's personal data without further ado; in other cases, it will do so unless it has serious legitimate reasons to continue such processing.
  • Right not to be subject to automated decision-making.
  • Right to lodge a complaint: This allows the customer to lodge a complaint with the relevant supervisory authority, despite the exercise of the above rights. This right may be exercised primarily if the customer believes that the company is processing their personal data unlawfully or in violation of generally binding legal regulations. A complaint against the processing of personal data by the company can be lodged with the Office for Personal Data Protection – website www.uoou.cz.

Final Provisions

  • You agree to these conditions by registering for services through the web application. By registering, you confirm that you have been informed about the personal data protection conditions and that you accept them in their entirety. Dogfish is entitled to change these conditions. The current valid version of the personal data protection conditions is always published at www.chillisign.io. For all matters related to the processing of your personal data, whether it is a question, exercising a right, filing a complaint, or anything else, you can contact us by email at info@chillisign.io.