Passengera s.r.o., Company ID No. 04276515, with its registered office at Evropská 2758/11, 160 00 Prague 6, registered in the Commercial Register maintained by the Municipal Court in Prague (file number C 245006, also referred to as "We"), as the controller of personal data, informs you, the user of our websites, our subscribers, suppliers, and those involved in the development and testing of our products about the personal data collection practices and privacy policies described below.
Protecting your personal data is important to us, so we will always follow these principles in our relationships with you. These Privacy Policy principles explain in particular:
- what personal data we will process;
- for what purposes and by what means we will process your personal data, and the legal basis for processing;
- to whom your personal data may be transferred;
- how long we will process your personal data;
- what rights you have in relation to the protection of your personal data.
Should you need any part of the text explained, need advice, or wish to discuss the further processing of your personal data, you can contact us at any time at the email address gdpr@passengera.com or at our company's registered office address.
SCOPE OF PERSONAL DATA PROCESSING
1. If you visit our website, we will process the following personal data:
Cookies
2. If you contact us as job applicants (whether through the website startupjobs.cz or by other means), you will be asked to provide certain information about yourself, which we will further process, namely:
- name and surname;
- email address and telephone number;
- curriculum vitae, which may contain, besides the aforementioned, at least information about your education, work experience, and other knowledge or expertise according to the position required; if you provide additional personal data in your resume, it is your free decision to provide us with this data and therefore we will also process these personal data provided by you for the purpose of the selection process.
3. If you are our customers or suppliers, you may be asked for your details, which we will further process, and they are mainly the following personal data:
- name and surname, date of birth or Business ID No.;
- representing company (business name);
- address, telephone number, and email address;
- job position of the company representative;
- bank account number;
- other personal data necessary for fulfilling our mutual agreement.
4. If you participate in the development and testing of our products, we will process personal data necessary for collaboration on development and testing, which in some cases may concern special categories of personal data, especially concerning health status. A complete list of personal data cannot be provided in general without specifying a particular project, and these will always be communicated to you within the specific project, however, we will always require:
- name and surname;
- email address.
COOKIES
Our websites use cookies (small text files placed on your device) to provide websites and online services and collect data. The text in the cookie file often consists of a series of numbers and letters that uniquely identify your computer but may contain other information. We may collect this information when you interact with the website, such as when you submit a registration form or a job application form. You can learn more about cookies, for example, on the internet encyclopedia Wikipedia at the address https://cs.wikipedia.org/wiki/HTTP_cookie
We collect these pieces of information when you access our website. Some cookies are necessary for the functioning of the websites and these will always be active. Other cookies, which do not serve the operation of the websites, can only be used provided you give us consent through your browser settings. If your web browser is set to allow third-party cookies, such setting is considered consent to the use of these cookies.
Furthermore, our websites may collect information including, for example, the type of browser or operating system, IP address, website visits, internet connection provider, and other similar information.
HOW TO REJECT THE USE OF COOKIES
Some of our service features are based on cookies. Even if you have consented to the use of cookies that track your behavior on the websites, you can subsequently block their usage. If you decide to block cookies, you likely will not be able to sign in or use some features, and you may lose some preferences that are based on cookies. The use of cookies can be set using your internet browser. Most browsers automatically accept cookies by default. Cookies can be declined or set to use only some cookies through your web browser.
Information about browsers and how to set cookie preferences can be found on the following websites:
- Chrome
- Firefox
- Internet Explorer
- Safari
- Android
A tool for managing cookies is also available at http://www.youronlinechoices.com/cz/.
PURPOSES AND LEGAL BASIS FOR PROCESSING
1. If you are visitors to our website, we process your personal data in the form of cookies as stated above, based on our legitimate interest, which lies in our interest in monitoring the use of our services and improving them. We will process your personal data only for the purposes stated above. Providing the above data is not a requirement from us, but without providing this data some functionality of our websites may be limited. Your personal data will not be used for any exclusively automated decision-making, including profiling based on such decision-making.
2. If you are job applicants with us, we process your personal data because of the legitimate interest that lies in our intention to fill our vacant positions and in your interest to obtain employment according to your expectations. The purpose of processing is therefore to find a suitable candidate for the vacant position we are seeking. We use the information you provide to contact you about the status of the selection process. We will process your personal data only for the purpose mentioned above, and if you apply for a specific job position, we will process personal data only for the purpose of filling that job position, or possibly for positions similar to the position you are inquiring about. The provision of the above data is a requirement from us, without providing this data, we cannot include you in the selection process. Your personal data will not be used for any exclusively automated decision-making, including profiling.
If you apply for a job with us, you may also give us your consent to process personal data, namely for processing data for selection procedures for five years, or consent to send administrative and marketing communication from the controller and invitations to events, trade fairs, and workshops. For these mentioned processing activities, the legal basis is your given consent, which we will not enforce and is completely voluntary; you can give us just one of the consents, which are therefore entirely separate. Giving consent is not a contractual requirement from us, but consent to retain data for selection procedures for 5 years will allow us to contact you for a longer period, and we can offer you a job position with us for a longer time. Consent to send administrative and marketing communications and invitations to events, trade fairs, and workshops allows us to send you information that could be interesting and beneficial for you from our point of view; we will certainly not overload you in any way.
3. If you are our subscribers or suppliers, we process your personal data especially because they are necessary for fulfilling the contract or legal obligations (particularly tax and accounting), or on the basis of legitimate interest (which lies in particular in the ability to improve our services and contact you with our offers). The purpose of processing is, therefore, especially to ensure the smooth realization of our business relationship and further development of joint business cooperation. We may use your name, surname, and email address to send you commercial and marketing communications and invitations to events, trade fairs, and workshops, i.e., to provide you with information that in our opinion could be interesting and beneficial for you. We may further use your personal data for our internal needs concerning particularly the monitoring of your satisfaction, optimization, and improvement of the quality of provided products and services, development of new products, and risk reduction. The provision of personal data for the purposes of fulfilling the contract and legal obligations is a requirement from us, and lack of provision may be a reason for not concluding the contract or terminating further business cooperation. However, processing your personal data for the purpose of sending commercial communications is not a contractual requirement, and you can refuse it at any time, and it will not affect our other mutual relations. Just send us an email with the relevant request to gdpr@passengera.com or another address from which you received the commercial communication. Your personal data will not be used for any exclusively automated decision-making, including profiling.
4. If you participate in the development and testing of our products, all detailed information will be provided to you before the start of the given project, since each project is original, and information cannot be provided generically. However, we will always process your name, surname, and email address to be able to contact you. Providing this data is a requirement from us.
WHO HAS ACCESS TO YOUR PERSONAL DATA
Your personal data may be processed by processors on our behalf for certain activities or may be provided to recipients; these will mainly be the following entities:
- Entities that provide us with server, web, cloud, or IT services;
- Entities that provide us with accounting services;
- Entities that provide us with legal services;
- Entities that are involved in the development and testing of our products;
- Processors who provide other services to the company – consultations, audits, and other external services.
Given the frequency of our projects, in some cases, we may also become a joint controller with our partner; if this case occurs, we will inform you about it in the specific case.
HOW LONG WE PROCESS PERSONAL DATA
We will process your personal data for as long as we provide you with our services or fulfill the mutual contract, for the duration of our legitimate interest, or for as long as necessary to fulfill archival and other obligations under applicable legal regulations, such as the Accounting Act, the Archives and Records Management Act, the Value Added Tax Act, and others.
We will retain your personal data for as long as is necessary to provide our services, to complete the required transactions, or for other purposes, such as complying with our legal obligations, resolving disputes, and enforcing our agreements. The needs for different types of data can vary in different situations, so the actual retention period for information can differ significantly. The criteria that determine how long information is retained include:
- How long are the personal data needed to provide the services and ensure the operation of our company? This includes activities such as maintaining and improving the performance of these services, maintaining the security of our systems, and maintaining relevant business and financial records. This is generally the rule that forms the basis for determining data retention periods in most cases.
- Do you provide us with your data with the expectation that we will keep them until you expressly ask for their deletion? If so, we will delete them based on your explicit request.
- Have we introduced and announced a specific retention period for a certain type of data? If so, we will certainly never exceed it.
- Have you given consent to extend the retention period of information? If so, we will store the data in accordance with your consent.
- Are we subject to legal, contractual, or similar obligations to retain data? Examples include laws governing mandatory data retention, government regulations to retain data related to an investigation, or data that must be retained for the purposes of a legal dispute.
Considering the above criteria, which may vary over time (especially concerning changing legal regulations), we cannot set retention periods generally in these principles. However, we will always provide you with the exact processing time for your personal data if you contact us (for example, by sending an email to gdpr@passengera.com).
YOUR RIGHTS ARISING FROM THE PROCESSING OF PERSONAL DATA
In relation to our processing of your personal data, you have the following rights:
- the right of access to personal data;
- the right to rectification;
- the right to erasure;
- the right to restrict data processing;
- the right to object to processing;
- the right to data portability;
- the right to human intervention, the right to express your opinion, and the right to challenge decisions;
- the right to lodge a complaint about the processing of personal data.
Your rights are explained below so that you can make a clearer idea of their content.
The right of access means that you can request confirmation from us at any time as to whether or not personal data concerning you is being processed, and if so, for what purposes, to what extent, to whom they are disclosed, how long we will process them, whether you have the right to rectification, erasure, restriction of processing, or to object, where we have obtained the personal data from, and whether there is any automated decision-making based on the processing of your personal data, including any profiling. You also have the right to obtain a copy of your personal data, with the first provision being free of charge and for subsequent provision, we may require reasonable compensation for administrative costs.
The right to rectification means that you can ask us at any time to correct or complete your personal data if they are inaccurate or incomplete.
The right to erasure means that we must erase your personal data if (i) they are no longer necessary for the purposes for which they were collected or otherwise processed, (ii) processing is unlawful, (iii) you object to the processing and there are no overriding legitimate grounds for processing, (iv) we are required by law, or (v) if you have revoked your consent to the processing of personal data.
The right to restrict processing means that until we resolve any disputed issues regarding the processing of your personal data, we must not process your personal data other than by storing them, and potentially we may use them only with your consent or for the purpose of determining, exercising, or defending legal claims.
The right to object means that you can object to the processing of your personal data that we process for the purposes of direct marketing or due to legitimate interest.
If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes; in case of an objection against processing due to legitimate interest, this objection will be evaluated and subsequently we will inform you as to whether we have accommodated it and we will no longer process your data, or that the objection was unfounded and processing will continue. In any case, processing will be restricted while the objection is being resolved.
The right to data portability means that you have the right to obtain personal data concerning you, which are processed automatically and based on consent or a contract, in a structured, commonly used, and machine-readable format, and the right for these personal data to be transferred directly to another controller.
If you have comments or complaints concerning the protection of your personal data, or have questions about the data protection officer in our companies, or are exercising some of your rights, please contact us using our email address gdpr@passengera.com. We will respond to your inquiries or comments within one month.
Our activities are also supervised by the Office for Personal Data Protection, where you can file a complaint if you are dissatisfied. Learn more on the authority's website (www.uoou.cz).
REPORTING SECURITY INCIDENTS
In today's world full of modern technologies, although slight, there is a risk that your personal data could be leaked, misused, or lost. As part of our activity, we will do everything in our power to prevent such a security incident from happening, especially by regularly training all our employees who come into contact with your personal data on the topic of personal data protection, adopting and acquainting our employees with internal company policies governing the protection of your personal data, and always using only the most appropriate technical solutions to secure our processing, such as data encryption, complex passwords, and appropriate software.
However, if despite our best efforts, a security incident occurs and this incident could pose a high risk to your rights and freedoms, we will inform you about it immediately, through the provided email address and by publishing such information on our websites, including all necessary details.
CHANGES TO THE POLICY
Our personal data protection policies may be changed from time to time. We will not limit your rights arising from these personal data protection policies without your explicit consent. Any changes to the personal data protection policy will be published on this page, and if the changes are significant, we will inform you more conspicuously (for some services, we may announce changes to the personal data protection policy by email).
These Privacy Policies are effective from May 25, 2018.