PRIVACY POLICY IN HARDEN CONSTRUCTION CZ s.r.o.

 

1. Definitions
   • Controller – Harden Construction CZ s.r.o., with its registered office at Bezová 1658/1, 147 00 Prague 4-Braník, Czech Republic.
   • Personal Data – information about an identified or identifiable natural person, which can be identified through one or more specific factors determining their physical, physiological, genetic, psychological, economic, cultural, or social identity, including the device IP address, location data, internet identifier, and information collected via cookies or similar technologies.
   • Policy – this Privacy Policy.
   • GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC.
   • Service – the online service managed by the Controller at https://harden-construction.com/.
   • User – any natural person visiting the Service or using one or more services or functionalities described in the Policy.
2. Processing of data in connection with the use of the Service
   • In connection with the User’s use of the Service, the Controller collects data to the extent necessary to provide individual services offered, as well as information about the User’s activity within the Service. Below are detailed rules and purposes for the processing of Personal Data collected while using the Service by the User.
3. Purposes and legal bases for data processing within the Service

USE OF THE SERVICE

• The Personal Data of all persons using the Service (including the IP address or other identifiers and information collected via cookies or similar technologies) who are not registered Users (i.e., persons who do not have a profile in the Service) is processed by the Controller:
  • for the purpose of providing electronic services in the scope of making the Service content available to Users – in this case, the legal basis for processing is the necessity of processing to perform the contract (Art. 6(1)(b) GDPR);
  • for analytical and statistical purposes – in this case, the legal basis for processing is the Controller’s legitimate interest (Art. 6(1)(f) GDPR), consisting of analyzing Users’ activity and preferences to improve functionalities and services provided;
  • for the purpose of potentially establishing and pursuing claims or defending against claims – the legal basis for processing is the Controller’s legitimate interest (Art. 6(1)(f) GDPR), consisting of protecting its rights.
• The User’s activity within the Service, including their Personal Data, is recorded in system logs (a special software designed to chronologically store records containing information about events and actions related to the IT system used to provide services by the Controller). Information collected in logs is processed primarily for purposes related to the provision of services. The Controller also processes it for technical and administrative purposes, ensuring IT system security, and management of the system, as well as for analytical and statistical purposes – in this regard, the legal basis for processing is the Controller’s legitimate interest (Art. 6(1)(f) GDPR).

4. Social Media
   • The Controller processes Personal Data of Users visiting the Controller’s profiles on social media (YouTube, LinkedIn). This data is processed solely in connection with the management of the profile, including informing Users about the Controller’s activities and promoting various events, services, and products. The legal basis for processing Personal Data by the Controller for this purpose is its legitimate interest (Art. 6(1)(f) GDPR), consisting of promoting its brand.
5. Cookies and similar technology
   • Cookies are small text files installed on the User’s device while browsing the Service. Cookies collect information that facilitates the use of the website – e.g., by remembering the User’s visits to the Service and their actions.

SERVICE (FUNCTIONAL) COOKIES

• The Controller uses so-called service cookies primarily to provide electronic services and improve the quality of those services. In connection with this, the Controller and other entities providing it with analytical and statistical services use cookies to store information or gain access to information already stored in the User’s end telecommunications device (computer, phone, tablet, etc.). Cookies used for this purpose include:
  • cookies containing data entered by the User (session identifier) during the session duration;
  • authentication cookies used for services requiring authentication during the session duration;
  • cookies ensuring security, e.g., used to detect authentication fraud;
  • session cookies for multimedia players during the session duration;
  • persistent cookies used to personalize the User’s interface for the session duration or slightly longer.

MARKETING COOKIES

• The Controller and its trusted partners also use cookies for marketing purposes. In this regard, the Controller and its partners store information or gain access to information already stored in the User’s end telecommunications device (computer, phone, tablet, etc.).

6. Analytical and marketing tools used by the Controller’s partners
   • The Controller and its Partners use various solutions and tools for analytical and marketing purposes. Basic information about these tools can be found below. Detailed information is available in the privacy policies of individual partners.

GOOGLE ANALYTICS

• Google Analytics cookies are used by Google to analyze how the User uses the Service, create statistics and reports on the Service’s functioning. Google does not use the collected data to identify the User nor combine this information to enable identification. Detailed information about the scope and rules of data collection in connection with this service can be found at: https://www.google.com/intl/pl/policies/privacy/partners.

SOCIAL PLUGINS

• The Service uses plugins from social networks (Facebook, Google+, LinkedIn, Twitter). Plugins enable the User to share content published in the Service on selected social networks. The use of plugins in the Service causes the respective social network to receive information about the User’s use of the Service and may assign it to the User’s profile created on that social network. The Controller has no knowledge of the purpose and scope of data collection by social networks. Detailed information on this matter can be found at the following links:
  • Google: https://privacy.google.com/take-control.html?categories_activeEl=sign-in
  • LinkedIn: https://www.linkedin.com/legal/privacy-policy

YOUTUBE

• YouTube: https://www.youtube.com/howyoutubeworks/our-commitments/protecting-user-data/

HOTJAR

• HotJar is a tool that allows the Controller to analyze User activity on the Service, e.g., through surveys or satisfaction studies, and anonymously collect information about clicks on specific areas of the Service. The tool does not allow User identification. Detailed information about the data collected through HotJar and how to disable User tracking can be found at: https://www.hotjar.com/privacy.

7. Managing cookie settings
   • The use of cookies to collect data, including access to data stored on the User’s device, requires the User’s consent. This consent can be withdrawn at any time.
   • Consent is not required only for cookies whose use is necessary to provide a telecommunication service (data transmission to display content).
   • Withdrawal of consent for the use of cookies is possible through browser settings. Detailed information on how to change cookie settings in the most popular browsers can be found at the following links:
     • Internet Explorer: https://support.microsoft.com/en-us/topic/how-to-delete-cookie-files-in-internet-explorer-bca9446f-d873-78de-77ba-d42645fa52fc
     • Mozilla Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox
     • Google Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=en
     • Opera: https://help.opera.com/en/latest/web-preferences/
     • Safari: https://support.apple.com/guide/safari/manage-cookies-sfri11471/mac
   • The User can verify their current privacy settings for their browser at any time using tools available at the links below:
     • https://www.youronlinechoices.com/
     • http://optout.aboutads.info/?c=2&lang=EN

8. Duration of personal data processing
   • The duration of data processing by the Controller depends on the type of service provided and the purpose of processing. Generally, data is processed for the duration of the service provision or order fulfillment, until consent is withdrawn, or a valid objection to data processing is raised in cases where the legal basis for data processing is the Controller’s legitimate interest.
   • The processing period may be extended if processing is necessary to establish, pursue, or defend legal claims and, after that period, only if and to the extent required by law. After the processing period, the data is irreversibly deleted or anonymized.
9. User rights
   • The User has the right to access their data, request its rectification, deletion, restriction of processing, the right to data portability, and the right to object to data processing, as well as the right to lodge a complaint with the supervisory authority responsible for personal data protection.
10. Recipients of data
    • In connection with the provision of services, Personal Data will be disclosed to external entities, in particular, IT system service providers, entities such as banks and payment service providers, accounting firms, couriers (in connection with order fulfillment), marketing agencies (in the scope of marketing services), and entities affiliated with the Controller, including companies within its capital group.
    • With the User’s consent, their data may also be shared with other entities for their own purposes, including marketing purposes.
    • The Controller reserves the right to disclose selected information about the User to competent authorities or third parties who submit a request for such information, based on an appropriate legal basis and in accordance with applicable law.
11. Transfer of data outside the EEA
    • The level of Personal Data protection outside the European Economic Area (EEA) differs from that guaranteed by European law. For this reason, the Controller transfers Personal Data outside the EEA only when necessary and with an adequate level of protection ensured, primarily through:
      • cooperation with entities processing Personal Data in countries for which an adequacy decision of the European Commission has been issued regarding the level of Personal Data protection;
      • use of standard contractual clauses issued by the European Commission;
      • use of binding corporate rules approved by the competent supervisory authority;
      • in the case of data transfers to the USA – cooperation with entities participating in the Privacy Shield program, approved by a European Commission decision.
    • The Controller always informs about the intention to transfer Personal Data outside the EEA at the stage of its collection.
12. Security of Personal Data
    • The Controller continuously conducts risk analysis to ensure that Personal Data is processed securely – particularly ensuring that only authorized persons have access to the data and only to the extent necessary for their tasks. The Controller ensures that all operations involving Personal Data are recorded and performed only by authorized employees or collaborators.
    • The Controller takes all necessary steps to ensure that its subcontractors and other cooperating entities guarantee the application of appropriate security measures whenever they process Personal Data on behalf of the Controller.
13. Contact details
    • Contact with the Controller is possible via email at info@harden-construction.cz or by post to Bezová 1658/1, 147 00 Prague 4-Braník, Czech Republic.
    • The Controller has appointed a Data Protection Coordinator, who can be contacted via email at info@harden-construction.cz for any matters regarding the processing of Personal Data.
14. Changes to the Privacy Policy
    • The Policy is reviewed on an ongoing basis and updated as necessary.