Privacy Policy

What Information do We Collect

---

When sending the contact form and the career form, only the data which are necessary to execute the form (such as the first name, surname and e-mail address) are obligatory.

How Do We Collect the Information

---

We get some information directly from you (upon completing the contact form, the inquiry form and the form to order transportation). Some information is recorded automatically (using cookie files).

Information We Get from You

---

We collect only the data, which you decide to give us or which are necessary to execute the form. If we ask you to provide us with personal data, you do not have to give them to us. Possible refusal can result in the limitation of services provided by the website nymwag.cz, or it can prevent you from using the system functions fully.

Information We Get Automatically

---

We record various information on how you use the service of nymwag.cz automatically. To do so, we use, for example, cookie files. Thus, we can also analyze, improve and secure the service of nymwag.cz. These data are anonymous.

What Do We Use the Obtained Data for

---

The provided data will be used to process the forms, etc. The personal data are also processed by means of an electronic database for the actions necessary and closely related to fulfilling the provider’s responsibilities and the execution of contract; sometimes they are processed by third parties - data processors responsible for their own conduct.

Using Your Personal Data

---

The personal data we collect help us provide and improve our products and related services. Furthermore, they are used to communicate with you effectively.

Sharing Your Personal Data

---

The data are available only to the provider. They are provided to third parties only when they are required for payments, bookkeeping and other obligations of the provider prescribed by the law. They will not be provided to any other parties.

Anonymous Information

---

The services of the companyHarpuna s.r.o. use cookie files to improve the quality of services, the customization of the offer, the collection of data and for analytical purposes. Using the web, you agree with the use of the mentioned technologies.

General Information

---

Data processor - Harpuna s.r.o. (the data are encrypted and stored on the servers at the companyWEDOS Internet, a. s.)

Server operator - WEDOS Internet, a. s. (servers are located in the Czech Republic).

Data Security

---

The user and the provider are obliged to handle of any inputs and information, which are expressly marked as confidential, their confidentiality arises from the law and/or they are not recognizably intended for any third parties, in a confidential manner.

Update

---

We will update the information continuously to inform you better about processing your personal data.

Personal Data Processing Agreement

---

1. In relation to the personal data of clients, the Provider is the Processor according to article 28 of European Parliament and Council Regulation NO. 2016/679 (GDPR). The Client is the Data Controller regarding these data.
2. The Provider shall process personal data for the User to the extent and for purposes stipulated in clauses 3-6 herein. The means of processing are automated. Within processing, the Provider will collect, save to information carriers, store, block and dispose of the data. The Provider is not entitled to process any personal data in conflict with or in excess of the framework of these terms and conditions.
3. The Provider shall process data for the User in the following scope:
   1. common personal data
   2. special categories of personal data according to article 9 of GDPR
4. The Provider shall process personal data for the User to provide the NYMWAG platform in the form of a license agreement.
5. Personal data can be processed only at the site of the Provider or its contractors according to section 7 herein, specifically in the territory of the European Union.
6. The Provider shall process personal data of the User’s clients for the User for the period necessary to execute rights and obligations arising from the contractual relationship between the Provider and the User and from exercising claims arising from the contractual relationships (for the period of 5 years from the termination of the contractual relationship).
7. The User grants the permit to involve a subcontractor as another Personal Data Processor pursuant to Article 28, par. 2 of GDPR. The Subcontractor is ONEsolution s.r.o., a hosting provider. Furthermore, the User grants the Provider a general permit to involve another Personal Data Processor. The Provider, however, shall notify the User in writing of any intended changes relating to the involvement of other Personal Data Processors or their Substitution. The User shall have the right to object to these changes. The Provider shall oblige its Subcontractors acting as Personal Data Processors to fulfill the same duties concerning Personal Data Protection as the duties included herein.
8. The Provider recognizes that Personal Data Processing is secured especially as follows:
   1. Personal Data are processed in accordance with legislation and the User’s instructions, i.e. for the performance of any activities necessary to provide the platform NYMWAG in the form of license agreement.
   2. The Provider undertakes that it shall ensure the protection of personal data technically and organizationally so that no unauthorized or accidental access to the data, their change, damage or loss, unauthorized transfer, their other unauthorized processing or their misuse can occur, and that all duties of the Personal Data Processor arising from legislation are secured personally, organizationally and continuously throughout the period of data processing.
   3. Any implemented technical and organizational measures correspond to the risk level. Using the measures taken, the Provider shall secure continuous confidentiality, integrity, availability and immunity of processing systems and services, and it shall restore the availability of personal data and access to them in the events of physical or technical incidents.
   4. The Provider hereby declares that Personal Data Protection is subject to its internal safety regulations.
   5. Personal Data can be accessed only by the Provider’s and Subcontractor’s authorized persons according to section 7 herein. The Provider shall set out the conditions and the scope of data processing. Each such person shall access personal data with their own unique identifications.
   6. The Provider’s authorized persons who process Personal Data hereunder shall maintain confidentiality as to the personal data and security measures, the disclosure thereof may compromise their security. The Provider shall ensure that the persons are demonstrably bound by secrecy. The Provider shall ensure that this obligation for the Provider and the authorized persons shall last even after the end of employment or other relation to the Provider.
   7. The Provider shall assist the User with any appropriate technical and organizational measures, where appropriate, to fulfill the User’s duty to respond to the request for the effective exercise of the Data Subject’s rights stipulated in GDPR. The same applies to the provision of conformity with the duties under articles 32 to 36 of GDPR, taking into account the nature of processing and information available to the Provider.
   8. After the termination of performance relating to processing under section 6 herein, the Provider shall delete all Personal Data or return them to the User, unless it is obliged to store the Personal Data on the basis of a special act.
   9. The Provider shall give the User any information necessary to demonstrate that the duties hereunder and stipulated in GDPR have been complied with, and it shall allow audits, including inspections, by the User or a different auditor authorized by the User.
9. The User shall report any facts known to them which could negatively affect proper and timely performance of obligations arising from these terms and conditions, and, as necessary, to assist the Provider to fulfill these terms and conditions.