GDPR

What personal data do we need from you?Why do we need your personal data?How do we handle your personal data?Who do we share your data with?What are your rights? Data Security! Contact:

Please familiarize yourself with the information on how our company Cyber-TBD s.r.o., with its registered office at Rooseveltova 1206/31 Opava, ZIP: 746 01, Company ID: 214 14 432, registered in the Commercial Register maintained by the Regional Court in Ostrava, Section C, Insert 95650, processes your personal data in connection with the provision of services and products.

What personal data do we need from you?

The company Cyber-TBD s.r.o. is the controller of the personal data you provide to us. We collect personal data about you that is appropriate for the purpose for which it is processed. We do not collect your sensitive personal data (special categories of personal data) under any circumstances.

Why do we need your personal data?

1. For marketing and promotional purposes, we process the following personal data based on your consent:

  • First name, last name, email, employer, email opens, and link clicks within emails.

We retain this personal data for a maximum of 3 years from the last email open or until you withdraw your consent (please note that withdrawing consent does not affect data processed historically if still necessary, e.g., to fulfill obligations).

You may withdraw your consent to receive marketing materials in the footer of each email or by contacting our designated representative.

2. For business (customer/supplier) relationships, we process the following personal data to fulfill contractual obligations:

  • First name, last name, title, date of birth, permanent residence, contact address, email, phone, bank details, company, order, invoice, complaint. 

We retain this personal data for a maximum of 5 years from the date of the order.

3. For tax and accounting purposes, we process the following personal data as required to meet legal obligations:

  • Tax and accounting records.

Accounting documents are kept for 5 years, and tax documents for 10 years from the end of the tax period in which the performance occurred.


4. For recording and reporting cases of personal data breaches, we process the following personal data as part of our legitimate interest in defending our legal claims:

  • First name, last name, date of birth, phone, email, notification date, incident description, actions taken.

We retain this personal data for 10 years.


5. For exercising rights related to data protection, we process the following personal data as part of our legitimate interest in defending our legal claims:

  • First name, last name, date of birth, permanent residence, request date, request subject, response date, response content for fulfilling data subject rights, signature.

We retain this personal data for 10 years.


6. To resolve your inquiries, we retain the following personal data as part of our legitimate interest:

  • First name, email address, inquiry.

We delete your inquiries regarding our services no later than 6 months after they are resolved.


7. To retain your comments, we retain the following personal data as part of our legitimate interest:

  • First name, email address, inquiry.

We delete your inquiries regarding our services no later than 10 years after they are received.


8. For direct marketing purposes to our customers, based on legitimate interest, we process the following personal data:

  • First name, last name, email, employer, email opens, and link clicks within emails.

We retain this personal data for a maximum of 2 years from the last purchase or the end of the service period.


In all cases where we process personal data based on legitimate interest, we ensure that it does not unduly interfere with your rights and freedoms. Users have the right to object to processing based on legitimate interest if they believe it unduly infringes on their rights.


You may object to processing based on the legitimate interest of Cyber-TBD s.r.o. using the contact information provided below.

How do we handle your personal data?

When processing your personal data, we apply the following procedures and mechanisms, as data security and protection are our key priorities.

  1. We always process your personal data for a specific, clear, and understandable purpose, and only for the duration necessary in relation to the purposes of processing;
  2. We process your personal data in a manner that ensures the highest possible security of this data, preventing any unauthorized access to your personal information;
  3. We always inform you about the processing of your personal data and your rights related to data processing;
  4. In our company, we adhere to appropriate technical and organizational measures to ensure a level of security corresponding to all potential risks. All persons who come into contact with clients’ personal data are required to maintain confidentiality regarding any information obtained in connection with processing this data.

Who do we share your data with?

We provide personal data to the following recipients:

  • We use Office 365 services from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA, for document management.
  • For managing our contacts, handling our email marketing, and registering for webinars, we use the services of Odoo S.A. - Data Protection, Chaussée de Namur 40, 1367 Grand Rosière, Belgium, VAT: BE0477472701.
  • For banking services, we use Komerční banka, a.s., Prague 1, Na Příkopě 33, Building No. 969, 114 07, P.O. BOX 839, ID: 45317054, VAT ID: CZ699001182.


The above recipients process your personal data solely for the specified purposes and based on our instructions in accordance with appropriate measures to ensure the confidentiality and security of your personal data.


If personal data is transferred outside the European Union, an adequate level of protection is ensured through safeguards, such as standard contractual clauses, which meet data protection requirements.

What are your rights?

To protect your personal data, you may exercise your rights free of charge:

  • Right of access – if you would like to know what personal data our company holds about you.
  • Right to rectification – if the information you provided is inaccurate or has changed, you may request the correction of your personal data at any time.
  • Right to erasure – by exercising this right, we will delete all personal data we identify as unnecessary (without a legal purpose) or unlawfully held. If the retention period for personal data has expired or the data is no longer necessary for the purposes for which it was collected, you may request its deletion. To exercise this right, please contact us using the contact details provided below.
  • Right to restrict processing – if you wish to protect your rights and our company does not fulfill your requests related to data protection, you may exercise your right to restrict processing, and we will not use your personal data except where required by law. We will inform you if we decide to continue using your data.
  • Right to data portability – if you provided us with data based on consent or a contract, we are obliged, upon your request, to provide this data in electronic form to you or a recipient you specify.
  • Right to object – you may object to the processing of personal data based on legitimate interest (e.g., property protection or legal defense) if it infringes upon your rights and freedoms.
  • Right to file a complaint – either with the contact below or with the supervisory authority (Office for Personal Data Protection).

Data Security!

We have implemented and maintain the necessary and appropriate technical and organizational measures, internal controls, and information security processes in line with best business practices, corresponding to the potential risk posed to you as a data subject. We also consider the state of technological development to protect your personal data from accidental loss, destruction, alteration, unauthorized disclosure, or access. 

These measures may include, among other things, taking reasonable steps to ensure employee accountability for data access, employee training, regular data backups, data recovery procedures, incident management, and software protection of devices where personal data is stored, etc. We assure you that our employees and associates who process your personal data are required to maintain confidentiality regarding personal data and the security measures, the disclosure of which could compromise the security of your personal data.

Contact:

Data Protection Officer:

dpo@cybertbd.com