PRINCIPLES OF PERSONAL DATA PROTECTION
I. Company Introduction and Contact Details
OCTOPUS Newsroom, s.r.o.
Id. No.: 267 37 817,
with its registered office at Nad tratí 297/6, Vokovice, 160 00 Prague 6
tel.: +420 221 181 511
II. General Information
We are aware of the importance of protecting the personal data and privacy of our customers / users. The processing of personal data shall take place exclusively in accordance with the relevant legislation on the protection of personal data, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC and Act No. 110/2019 Coll., on the Processing of Personal Data, as amended.
For us, «personal data» means information that identifies you, such as your name or email address. All information outside this definition is «non-personal data«.
If we store your personal data together with non-personal data, we consider such a combination to be personal data. If we remove all your personal data from the data set, the remainder is non-personal information.
III. Data Collection
3.1. Following types of personal data may be collected, stored, and used:
3.1.1. Data automatically collected or generated:
— technical and aggregated usage data, such as IP addresses and general locations, device, and application data (like type, operating system, mobile device or app id, browser version, locale and language settings used), date and time stamps of usage
— relevant cookies and pixels installed on or interacted with via such device, and the recorded activity (sessions, clicks, use of features, logged activities and other interactions) of visitors and users in connection with the OCTOPUS Software
— phone calls (e.g., with our customer service or product consultants) may be automatically recorded, tracked, and analyzed, for purposes including analytics, service, operations, and business quality control and improvements, training, and record-keeping purposes
3.1.2. User Data Received from You:
— name, workplace, and position
— contact details (such as e-mail address, phone, and address)
— account login details (e-mail address and passwords which are automatically hashed). You may also provide us with your location, time-zone, skills, device, general location, and activity logs and data; as well as your preferences, characteristics, and objectives for using the OCTOPUS Software
— additional data such as billing details, bank accounts, business needs and preferences
3.1.3. User Data received from our customers / users:
Customers / users may provide us with contact details of potential users, such as their employees, team members and colleagues, for us to contact, invite or subscribe them as users to our system (including by using Single sign-on tools). Such data may be provided with the express consent of data subject and to the extent of such consent. Such data typically includes:
— these individuals’ names, phone numbers and work e-mails, however
— additional data may be provided at the discretion of those providing it.
3.1.4. Data received from other third parties:
We may receive personal data which relates to you from other sources based on your express consent, which you give to a third party, to the extent of such consent. For example, if you participate in an event, webinar or promotion that we sponsor or participate in, we may receive your personal data from its organizers. We may also receive your contact and professional details (e.g., your name, company, position, contact details and professional experience, preferences, and interests) from our business partners, service providers, and using tools and channels commonly used for connecting between companies and individual professionals in order to explore potential business and employment opportunities, such as LinkedIn.
3.1.5. You may also send us a “Contact Us” or support requests, or provide us with feedback, reviews, or responses to our surveys or promotions, including by submitting an online form on social media channels, by posting on any of our online public forums or communities, by sending an e-mail to any of our designated addresses, or any other form of communication. Such data may include details on an issue you are experiencing, contact information and any other documentation, screen recording, screenshots, or other information.
IV. The Purpose of Personal Data Processing
4.1. The purpose of processing personal data is:
— to comply with all applicable laws and regulations
— for exercising rights and fulfillment of obligations with your request addressed to OCTOPUS via the contact form, in connection with the contractual relationship between OCTOPUS and you as a customer
— to support our legitimate interests — to process data based on a legitimate interest, it must be an interest that objectively outweighs the right to privacy, the purpose cannot be achieved otherwise, and all measures are taken to minimize any interference
— for marketing purposes — sending business messages, newsletters and other marketing and sales activities of OCTOPUS towards you as a data subject, only if you have given your express consent. In this case, you indicate your choice by checking the box provided. If you wish to revoke your consent, please contact us at email@example.com.
4.2. Specifically, we use personal data for the following purposes:
— to facilitate, operate, and provide our system
— to authenticate the identity of our customers/users, and to allow them to access our tools
— to provide our customers / users with assistance and support
— to gain a better understanding on how customers / users evaluate, use and interact with the OCTOPUS Software, and how OCTOPUS could improve its products, offerings and the overall performance of its tools
— to facilitate and optimize OCTOPUS marketing campaigns, ad management and sales operations, and to manage and deliver advertisements for its products and services more effectively, including on other websites and applications
— to contact customers / users with general or personalized tools-related messages, as well as promotional messages that may be of specific interest to them
— to facilitate, sponsor and offer certain events, contests and promotions
— to publish your feedback and submissions to OCTOPUS sites, public forums and blogs
— to support and enhance our data security measures, including for the purposes of preventing and mitigating the risks of fraud, error or any illegal or prohibited activity
— To create aggregated statistical data, inferred non-personal data or anonymized or pseudonymized data (rendered non-personal), which OCTOPUS may use to provide and improve our respective services
V. Data Sharing
5.1. Recipients / Processors: In the case of certain activities, such as cooperation within the OCTOPUS group, interconnection with other service providers, marketing activities, etc., we cooperate with third parties to whom we will make some of your data available within this cooperation. When providing your personal data to third parties, we always take the utmost care that the data is made available only to the extent necessary, and to trusted entities, in accordance with legal compliance requirements.
5.1.1. Processors: Entity that processes personal data based on a special law or authorization by the administrator.
5.1.2. Legal Compliance: In exceptional circumstances, we may disclose or allow government and law enforcement officials, such as organs of state administration, courts, bodies active in criminal proceedings, etc., access to your personal data, in response to a subpoena, search warrant or court order (or similar requirement), or in compliance with applicable laws and regulations. Such disclosure or access may occur if we believe in good faith that: (a) we are legally compelled to do so; (b) disclosure is appropriate in connection with efforts to investigate, prevent, or act regarding actual or suspected illegal activity, fraud, or other wrongdoing; or (c) such disclosure is required to protect the security or integrity of our products and services.
5.1.3. Service Providers: Such service providers include providers of third party services, hosting and server co-location services, communications and content delivery networks (CDNs), data and cyber security services, billing and payment processing services, fraud detection, investigation and prevention services, web and mobile analytics, e-mail and communication distribution and monitoring services, session or activity recording services, remote access services, performance measurement, data optimization and marketing services, social and advertising networks, content providers, e-mail, voicemails, support and customer relation management systems, and our legal, compliance and financial advisors and auditors ( “Service Providers”). These Service Providers may have random access to your personal data, depending on each of their specific roles and purposes in facilitating and enhancing our tools, and may only use it for such limited purposes as determined in our agreements with them.
5.1.4. Application Providers and Event Sponsors: Based on your explicit consent and to its extent, we may share your personal data (such as your user profile and contact details, as well as relevant usage data) with the provider(s) of any third-party applications or integrations added to your account. Similarly, if you register to any event that we host, organize or sponsor, then with your permission we may share your registration details with others, including the hosts, organizers, speakers, service providers and sponsors of that event, so that they may contact you with relevant information and offers, or to fulfill any promotions related to the event.
5.1.5. Partnerships: We engage selected business and channel partners, resellers, distributors, and providers of professional services related to our OCTOPUS Software which allow us to explore and pursue growth opportunities by facilitating a stronger local presence and tailored experiences for our prospective and existing customers and users. In such instances, we may share relevant contact, business, and usage details with the respective partner, to allow them to engage with those customers and users for such purposes.
5.2. OCTOPUS staff: Only a limited group of employees are required to access your data and are required to follow binding security procedures. Employees are required to maintain confidentiality and are regularly trained. We have set up technical and organizational measures to prevent unauthorized access, change or loss of personal data.
5.3. Feedback or Recommendations: If you submit a review or feedback, note that we may (at our discretion) store and present your review to other visitors and users of our sites (including other customers). If you wish to remove your review, please contact us at firstname.lastname@example.org
6.1. We use so-called cookies within the website. Cookies are small text files containing short data that can be stored on your computer when you visit our website. Cookies can be either «permanent» or «relational». Permanent cookies will be stored by the web browser and will remain valid until their expiration date unless they are deleted by the user before the expiration date. Relational cookies, on the other hand, expire at the end of a user’s session after the web browser is closed. Cookies do not normally contain any information that would uniquely identify users, but the personal information we store about you may be linked to information stored and retrieved from cookies.
6.2. We use the following cookies on our website:
— cookies required for the operation of the website, which are necessary to ensure the full functionality of the use of our website, so-called technical cookies
— cookies, which are not necessary for the website, but their use improves the user experience and makes it easy to browse the web. These cookies are used to improve the range of our products (e.g. load reduction)
— ever cookie (to distinguish between existing and new customers)
6.3. The storage of cookies can generally be disabled in the web browser settings (it is also possible to disable the possible use of third-party cookies). Blocking all cookies or restricting them can have a negative impact on the usability of the website.
VII. Form of Personal Data Processing
7.1. OCTOPUS will process personal data to the extent defined above and for a defined purpose manually in written or electronic form by its own employees or personal data processors. There will be no automated decision-making or profiling when processing personal data.
VIII. Storage of Personal Data
8.1. Personal data will be stored for the time strictly necessary for the fulfilment of legal or contractual obligations of OCTOPUS or until the revocation of consent to the processing of personal data. In the case of processing based on the legitimate interest of the controller, the data are processed for the time strictly necessary.
IX. Data Security
9.1. In order to protect your personal data held with us, we use industry-standard physical, procedural and technical security measures, including encryption as appropriate.
9.2. Each person to whom OCTOPUS allows access to data is also obliged, on the basis of a concluded contract, to observe technical and organizational measures that ensure data security. Measures against the possible acquisition of your personal data by a third party are both at the technical level (management of access rights to systems, recording of access to key information, security of particularly sensitive information at the database level, etc.) and procedural. If it is our duty to transmit data on the basis of the law, we are not entitled to require compliance with such measures, as the conditions are stipulated by the relevant legal regulation.
X. Transfer of personal data
10.1. In connection with personal data processing, it is possible that we will pass on personal data to the following categories of recipients: authorized representatives and advisers (such as tax and accounting advisers, auditors, lawyers), service providers, state and public authorities, OCTOPUS branches in third countries outside the EU). We transfer personal data to third parties only if it is strictly necessary for the fulfilment of our contractual obligations, if we or a third party has a legitimate interest in processing personal data if we are obliged to do so in accordance with applicable law or if you have agreed to the transfer.
10.2. Personal data transfer to third countries outside the EU
In connection with the possible transfer of personal data to third countries outside the EU (the U.S., Thailand), you acknowledge that the relevant personal data protection legislation does not apply in third countries as in the EU, and that the same rights and the same guarantees enforceable in the territory of the EU cannot be guaranteed, as a result of which there is possible risk for you from transferring personal data to third countries. Despite the above, we will make a maximum effort to sign with third countries standard contractual clauses in accordance with the decision of the European Commission. You hereby expressly consent to the transfer of the personal data to third countries.
11.1. We engage in service and promotional communications, through e-mail, phone, SMS, and notifications.
11.2. Service Communications: We may contact you with important information regarding our tools. For example, we may send you notifications (through any of the means available to us) of changes or updates to our tools, billing issues, service changes, log-in attempts or password reset notices, etc.
11.3. Promotional Communications: We may also notify you about new features, additional offerings, events and special opportunities or any other information we think our Users will find valuable. We may provide such notices through any of the contact means available to us (e.g. phone, mobile or e-mail), through our marketing campaigns on any other sites or platforms. If you do not wish to receive such promotional communications, you may notify us at any time by sending an e-mail to email@example.com.
XII. Data Subject Rights
12.1. The provision of personal data is voluntary, and you can revoke it at any time with effect in the future through the above-mentioned contact email or, for example, via the unsubscribe link contained in the newsletter). As a data subject, you have the following rights:
— to request access to personal data, including the right to provide a copy of the processed personal data
— to revoke the consent at any time, even without giving a reason, by sending the revocation of consent to the email address of the controller
— to request the correction of personal data or request the deletion of personal data
— to limit the processing of personal data
— to object to the processing of such personal data at any time
— on the transferability of data to another controller
— to report personal data breaches
— to file a complaint with the supervisory authority, which is the Office for Personal Data Protection, with its seat at Pplk. Sochor 27, 170 00 Prague 7, www.uoou.cz.
12.2. If you are interested in exercising the above-mentioned rights of the data subject, you may send your request in writing to the OCTOPUS registered office address mentioned above or to the above-mentioned email.
By checking the box provided, I hereby grant OCTOPUS my consent to the processing of provided personal data for marketing purposes for an indefinite period or until its revocation. If you wish to revoke your consent, please contact us at firstname.lastname@example.org.