General Data Protection Regulation (GDPR)
We are a Data Controller of your information. If you’d like to learn more about GDPR and your rights under GDPR, please read the GDPR guide.
- SimplyIT.cloud s.r.o. needs to perform a contract with you
- You have given SimplyIT.cloud s.r.o. permission to do so
- Processing your personal information is in SimplyIT.cloud s.r.o. legitimate interests
- SimplyIT.cloud s.r.o. needs to comply with the law
Personal data we collect
To provide and operate Simplyit.cloud Application we collect following information:
- Service information needed to run Application like name, photo, company name, email, phone number, role/function.
- Information we obtain during use of our services – if you visit our website or use our cloud service, we automatically save some information in the server protocols.
This information includes:
- Information on the device – we collect information on the specific device and its operating environment (such as the operating system and its version, screen resolution, browser type and version).
- Cookie files – these are small text files saved in your computer or mobile device during your visit to websites. They facilitate memorizing your activities and preferences for a certain time so that you do not have to enter them again when returning to the site or switching from site to site.
- Google Analytics – to further improve our Application and services we also use this service to gather details about the device or location of the user
- Customer support information provided by you during your contact with us like your name, phone number and/or email needed to answer your questions and solve your problems.
- Marketing – we register identification and contact data (such as name, surname, e-mail, device information) necessary for offering our services, sending the newsletter and better targeting of online advertising.
Use of this information
We use the information collected on you to provide you our services, and further support during their employment, to notify you of changes in our services as well as to improve our services. This information can further be used to inform you about additional services and products which we offer and which supplement those that you have already ordered or inquired about.
Specifically, this involves these cases:
Your e-mail which you enter during registration of the Simplyit.cloud Application is used for login and your unambiguous identification within your instance of this application. Moreover, the e-mail is used for the provision of user support and possible education as well as sending information on innovations and changes regarding this cloud service.
- If you fill in your phone number in your user profile in Simplyit.cloud Application, you can use it for your identification if you call us by phone; we can also contact you on this number within the user support.
- Information which we automatically collect and profile if you use our services are utilized for error diagnostics, monitoring, evaluation and optimization of operation, as well as for statistics on the client environments in which our service is operated. Based on this information, we improve and optimize our cloud application, whereas no automated decision-making is employed for processing of all the above-mentioned personal data.
- For the purpose of external processing – We provide personal data to subjects of these categories (types): accounting company, external billing service, e-mail service provider, cloud service, and data storage provider, so that they can process it for us exclusively for the indicated processing purposes and pursuant to our instructions, in conformity with these Principles of Personal Data Protection and other pertinent measures to ensure the privacy and security of your personal data.
- For legal reasons – we can share your personal data with third parties if we are in good faith convinced that its sharing is reasonably necessary for the purpose of:
- observance of laws or other legal regulations as well as judicial proceedings or response to a request from the public administration;
- application of pertinent contractual terms including investigation of their potential violation;
- finding, prevention or another procedure within the protection of legal claims of the Simplyit.cloud s.r.o. company (against fraud, for instance), in the case of technical difficulties and/or security problems;
- protection against damage to health or property as well as the security of the Simplyit.cloud, s.r.o. company, our users or the public as required or permitted by a legal regulation.
Where we retain personal data
For Application cloud and data storage, we employ the services of the hardware, network connection and data storage provider, Heroku, Inc.
For Website we use Forpsi webhosting services provided by INTERNET CZ, a.s.
With these providers, we have concluded all the necessary contractual documentation in conformity with these Principles of Personal Data Protection and other pertinent measures to ensure the privacy and security of your personal data.
We give maximum priority to data security; therefore, we endeavour to protect our clients against unauthorized data operations. We strive to adopt suitable technical and organisational measures and take all the necessary steps to ensure safe handling of your data in conformity with these principles.
Specifically, this involves the following safety measures:
- Physical data security (Data Centre) – The Simplyit.cloud Application operation is secured by Heroku cloud provider. This provider constitutes one of the leaders in the area of physical and software security, enabling resistance even to critical situations, such as natural disasters, massive hacker attacks or power failures.
- Data transmission security (Network Security) – All network communication is encrypted by means of a certified electronic signature (the same type is used by banks).
- Security at the application level – Data protection is based on granting access to the individual information groups to authorized persons only.
- Naturally, the actual access to the application is secured by a unique user name and password.
- Simplyit.cloud Application contains a simple tool for the administration of user roles and groups. Thanks to this, it is possible to define specific data access.
- All data transmissions are encrypted with the TLS protocol.
- Backup – Every day, Heroku is executing backup of data and files. These files are not stored elsewhere.
- Monitoring – All data accesses are monitored in logs.
- Minimization of accessing persons – Access to personal data is restricted only to the employees of Simplyit.cloud s.r.o. who need to know it in order to process it and who are contractually bound by strict obligations to preserve confidentiality; in the case of breach of this obligation, they can be severely punished.
- In addition, you are responsible for the selected access password that enables you access to the Simplyit.cloud Application and are obliged to keep it in confidence, while following our instructions. Although we verify your identity, you must not share your access data with anybody else and you entrust us with acting according to the instructions of any person who enters this data of yours. At the same time, we declare herewith that we preserve all passwords in a one-way encrypted form and their readable form is unknown and underivable to us.
- Transmission of information via the Internet is never absolutely safe. Although we will make every effort to protect your personal data, we cannot guarantee the safety of data transmitted to our side. We cannot be responsible for any such transmission, but as soon as we have received your information, we will apply strict procedures and safety functions as protection against unauthorized access.
If relevant in the given case, you have numerous rights in conformity with legal regulations for the protection of personal data, including:
- the right to raise an objection against processing;
- the right to approach and view personal data kept on you (name, email, picture, address, correspondence with Simplyit.cloud support team);
- you can also ask us to make any necessary changes to ensure its accuracy and topicality;
- you can further limit the scope of personal data processed in this way;
- the right to ask for transfer of your personal data to another organisation;
- you also have the right to erasure of your personal data, thus “to be forgotten”;
- you also have the right to revoke the granted consent to the processing of your data;
- as well as the right to invoke binding arbitration against this processing at the supervisory authority of the Office for Personal Data Protection.
If in case of need you require a copy of your personal data we store, this will be provided standardly to you free of charge (contact: firstname.lastname@example.org).