Privacy policy

Introductory provisions

Company SecurityNet.cz s.r.o. IČ: 27501418, based U Velorexu 1301, 56401 Žamberk, reference C 22767, maintained by the Regional Court in Hradec Králové, contact e-mail address: hukot@hukot.cz and sister company Hukot Ltd., 72 Great Britain, London, England, SE1 0BL, Company number: 08957349, (next as the Company) provides its services in accordance to applicable law and handles personal data of customers in accordance with applicable legal regulations. The Company is controller.

This document provides customers with information about the processing of their personal data and their related rights and obligations. This document may be revided and updated as necessary.

We daclare that all internal processes concerning the processing of personal data are carried out in accordance with Act No. 101/2000 Coll. on the Protection of Personal Data and on Amendments to Certain Acts, as amended, and after May 25, 2018 also in accordance with Regulation (EU) No. 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data and the repeal of Directive 95/46/ES (General Data Protection Regulation), known as GDPR.

When processing personal data, we comply with the legality of the processing of personal data, and we focus on legality, fairness, transparency, purpose limitation, data minimalization, accuracy, limitation of storage, integrity, and confidentiality of personal data.

The Company handles personal data manually and automated. The Company keeps records of all activities, both manual and automated, which lead to the processing of personal data.

Given that fact, on the date of publication of these principles, the criteria for the accreditation of entities qualified to provide good practice for the protection of personal data, or the criteria for issuing such certificates, which would allow us to certify the compliance of our practices with the above legislation, are not binding, we declare that all internal processes running in our Company are in accordance with the above regulations. Legislation does not require and, at the time of publishing these principles, do not allow certification to be obtained; in the event of the existence of accreditation mechanisms, unless they are binding, we reserve the right not to use the accreditation certificate (or seals, stamps).

Why and what data we process

We undertake not to require a larger amout of data, than is strictly necessary to achieve each of the following purposes.

If you choose to use the services offered by SecurityNet.cz s.r.o., the condition for their subscription, which means the conclusion of a contract with the Company, we require from you to order and create and administration, customer account (next as account) the following persional information: name, date of birth, home address, e-mail address, telephone number, login username and password. We need to process these personal data to identify, autorize and operate your account, without account is impossible to use our services. The proccesing of personal data necessary for the operation of the service is performed even after termination of the service, in purpose to order new services without creating a new account because it is in the interest of our Company.

We also process your personal data for the purpose of ordering, providing and identifying your services: name, date of birth, home address, e-mail address, telephone number (all of this information can be referred to as "basic identification data") and, data (such as e-mail or telephone communications) that we obtain from you in connection with the service we provide and the processing of which is necessary for the provision of the service. We have to process these personal data for purpose to provide you services and without the processing we can not provide you those services.

Here is list of another personal data, we are processing in accordance with individual services (if a service in not listed, no other personal data than those listed above are processed):

  • Domain name registration and hosting: access IP address, we may require additional personal information as required by the domain's registry. (such as ID card number)
  • Server services: access IP address

Processing of personal data listed above is necessary to completion and/or fullfilment the contract and your agreement is not required. The legal basic for this processing is necessity to fulfill the contract. Those personal data is not needed, however if you don't provide those personal data or you will not agree with processing for mentioned purposes, we will be forced to refuse make a contract with you.

Part of hosting and server services are e-mail services. E-mail messages recieved on our mail servers a designed for our customers are checked for malicious software that is suspended if it is present. For this purpose, we use a legitimate reason for the legitimate interest in interference to ensure network security. We prevent malicious software from spreading to our Company network, foreign networks and, in particular, our customer's facilities.

In connection with the provided services, we also process your personal data regarding the provided services, especially data about type of provided services, their scope, price, and information on payment disciple. On the premises of the copmany, which are intended to contact with customers, the cameras records are being stored, which are also personal data, for the purpose to prevent damage. All of data in this paragraph is obtained through connection with providing of services and in connection with basic identification data are processed in purpose to improve provided services and/or for case in to protect the interests of our Company (including the possible enforcement of our legitimate claims or the protection of our Company's rights in court or other proceedings). Therefore, as processing is necessary for the legitimate interests of our Company, your consent is not required. The legal basis for this processing is the necessity for the legitimate interests of our Company.

Personal data of our customers are processed due to compliance with legal obligations. For reasons required by the Accounting Act and other legislation, in particular in the field of taxation, we hold documents (in electronic or paper form) containing personal data, in particular invoices and documents showing the legal reason for issuing an invoice containing the name and address of the customers for a statutory period. Personal data consisting of traffic, location data and logs that are generated or processed in providing public communications networks and in providing publicly available electronic communications services, and the associated IP addresses, shall be subject to Section 97 (3) Act No. 127/2005 Coll., on Electronic Communications and on Amendment to Certain Related Acts (Electronic Communications Act). After the legal deadline (see below), we will no longer proces these personal data for this purpose. The legal basis for this processing is the fulfillment of legal obligations. Since this information from you in connection with the services provided, we must require, or we need to obtain them from other sources because i tis necessary to meet legal obligations, refusing to provide them or disagreeing with their processing would mean that we would not be able to conclude a contract with you and provide you services.

We also use our customer’s personal data for marketing and for promoting our products. We never provide personal data for marketing purposes third parties without the explicit consent of our customers.We process the personal details of the e-mail address for the purpose of e-mailing commercial communications about our Company products, and without your consent in accordance with legal regulations, as this is in the legitimate interest of our Company. The condition of sending these business communicatiosn is that the customer has a clear opportunity in a simple way, free of charge on behalf of our Company, to refuse to consent to such use of your e-mail address even when sending each individual message if already using this e-mail address he did not refuse. If you tell us that you do not agree to submitting these business messages, we will stop processing your personal data for this purpose. The legal basis for this processing is the necessity for the legitimate interests of our Company.

By visiting our Company’s website, you also share personal information about your IP address, location, browser, system or screen resolution. This kind of personal data is collected through Google’s web analytics and server only for our needs to purpose of analyze and improve our services. Because those data are collected and processed for our legitimate interests, your consent to such processing is not required. The legal basis for this processing is the necessity for the legitimate interests of our Company. For more about protecting Google’s privacy, read the relevant policies.

If you consent to the storage of cookies on our end device while visiting our Company’s Web sites, we process the cookie behavior records of files located on our Company’s website for better use of this website. The legal basis for this processing is your consent.

How long are personal data processed?

We process your personal data only for the duration of the reason for processing your personal information.

Personal data required to maintain a customer account will be processed for the purpose of maintaining a customer account during the provision of services. If a customer does not cancel his / her customer account after termination of service, we will continue to proces his or her personal data that is necessary to keep his customer account for 5 years.

The operational and localization records required by law to process are stored for a period of 6 months on the basis of the legal reason for the fulfillment of the legal obligations imposed by Section 97 (3) of Act No. 127/2005 Coll., On Electronic Communications and on Amendments to Certain Related Acts (Electronic Communications Act).

After termination of the provision of the ordered service and after the termination of all related contactual obligations (including warranty), we will stop processing your personal data for this purpose and erase it if such personal data or some of these are not processed for any other purpose.

If we processing personal data due to fulfillment of the legal obligations, we will stop processing after reaching estabilished deadlines.

Are personal data provided to third parties?

In the case, that the ordered services or parts thereof are provided by other persons (eg. mail delivery, certification authority) or the provision of the ordered service necessarily requires the transfer of personal data to another person (eg. The person registering the domain names in the cental register), we will provide these third parties your personal data, and only to the extent strictly necessary for the provision of the ordered service. We are authorized to handle this personal data without your consent, as we would otherwise not be able to fulfill the agreement and provide you with the requested service. However, we are always required to ensure that these third parties comply with all data protection obligations and do not use your personal data for any other purpose without your consent. If the third person's specification of the personal data is not disclosed in this policy, it will be communicated to you when ordering the service.

The transfer of personal data to third parties takes place in the following services:

  • Providing commercial certificates: personal data are transmitted to the CA GlobeHosting, Inc. Wilmington, Suite 105, 501 Silverside Road, DE, Zip 19809, New Castle, US for verification, first name and surname, address, e-mail address, telephone number of individuals
  • Domain name registration: IGNUM, s.r.o., Vinohradská 190, 130 61 Prague 3 a Gransy s.r.o. Bořivojova 878/35, 130 00 Prague, Czech Republic, personal data are forwarded to other processors – registars or directly to the central registers of each domain name for domain name registraion purpose, and it involve first name and surename, address, e-mail address, telephone number, or other personal informations if required by the domain name register.

Who has access to personal data?

Access to your personal data in our Company is restricted to persons who’s neccesarily required for the purpose for which personal data is processed. For this purpose, a regular audit takes place in our Company.

Employees of customer support have only access to the personal data they need to authorize requests and identify the customer. This approach is necessary for proper customer service support.

Employees with access to personal data are adequately trained to protect their privacy and are required to comply with confidentiality.

What other rights do you have to protect your privacy?

In relation with the protection of personal data you have the right to

  1. Recieve from us the confirmation, if your personal data, which concern you, are or not being processed,
  2. Recieve information from us about the processing purposes, categories of personal data concerned, the recipients whose personal data were or will be made available, the scheduled processing time or the criteria for its determination, the existence of the right to require us to repair or erase your personal data or to restrict its processing, an objection to that processing, the right to file a complaint with the Surveillance Authority, any available information about the personal data source, if it is not obtained from you, the fact that automated decision making is taking place, including profiling, apporopriate safeguards when transferring data outside the EU,
  3. Recieve copy of your processed personal data from us, if it won’t be unfavorably affected rights and freedom of others,
  4. to correct inaccurate personal data we will process about you,
  5. to deletion of personal data that apply to you, unless we are able to demonstrate legitimate reasons for further processing of such personal data,
  6. the limited processing of your personal data until the resolution of the complaint if you deny the accuracy of the personal data, the reasons for its processing, or if you object to their processing,
  7. the notice from our Company in the case of correction, deletion or limitation of the processing of personal data; if personal data are corrected or deleted, we will inform the individual recipients, except where this proves impossible or requires unreasonable effort; on request, we can provide you with information about these recipients,
  8. the portability of data, which concern you, so you have right to recieve personal data from us, which concern you, in a structured, commonly used, and machine-readable format, and right to request our Company to handover those personal data to another controller; only when, the processing being automatized and our Company those data obtains on your consent or for purposes fulfillment contracts; and where the transfer is technically feasible,
  9. right to object against processing your personal data in reason to legitimate interest our Company or against dissemination of business communications,
  10. refuse processing your personal dat for sending business communications,
  11. whenever withdraw agreement with processing your personal data, if our Company those data process on your consent; with this withdraw agreedment won’t be affected legality of processing given before the withdraw based on your consent.

In case your doubts about the compliance of your processing of your personal data with legal regulations, you have the option of submitting a complaint to the supervisory authority, which is the Office for Personal Data Protection in Czech Republic (see www.uoou.cz).

These policies are effective from May 25, 2018