Scope and purpose
Xsec is responsible for the personal information it collects when you request answers to your questions or comments through our website. In this case, Xsec is a personal data administrator. Contact details can be found below.
Use of personal data
Personal data sharing
With third-party service providers
Your personal data may also be provided to third parties, provided that these third parties provide Xsec services in connection with the Xsec business and therefore process personal data on Xsec's account. These are the services:
• IT service companies that host our website or assist us in developing the website;
• IT support providers;
• other service providers (eg software providers).
The above-mentioned service providers are authorized to process personal data only if this is necessary for the provision of our company's services. Companies and service providers can be located within or outside the EU / EEA.
Personal data processing outside the EU / EEA
Xsec does not process or provide personal data outside the EU / EEA in any way.
Service providers (third parties)
Personal data collected from you may be transferred and processed by service providers (third parties) established in a country outside the EU / EEA, including countries where the European Commission does not consider the level of personal data protection to be sufficient. In such a case, we will take all necessary measures in accordance with applicable law to ensure that such cross-border transfer of your personal data complies with applicable law. Personal data may only be transferred to countries outside the EU / EEA where (i) the European Commission has decided that the third country provides an adequate level of protection, or (ii) if the transfer is secured using EU model arrangements (according to Article 46 (2) of the General Agreement). Data Protection Regulation 2016/679, hereinafter referred to as "GDPR") or in case the beneficiary is certified according to the "US - EU Privacy Shield Framework" according to Article No. 45 of the GDPR.
Personal data security
Xsec takes all reasonable technical and organizational measures to protect your personal data from an accidental or unlawful destruction, accidental loss or alteration, unauthorized disclosure or access, and any other illegal forms of processing. Xsec also takes all reasonable legal, technical and organizational measures to ensure that personal data is handled securely and with an adequate level of protection when transmitted or shared with the above-mentioned third parties.
Although we will take appropriate technical and organizational measures to protect the personal data you provide to us, no transmission over the Internet can guarantee security. Therefore, please be aware that we cannot guarantee the security of any personal data that you transmit to us over the Internet.
Personal data is kept for the time strictly necessary to process the request, to respond or hand it over to the relevant person for processing. Personal data is not stored for more than three (3) months from the sending of your request. Personal data will be deleted after the above period, except where we need to retain any personal data in order to comply with legal obligations, resolve disputes or enforce certain agreements or contracts.
Cookies and similar technologies
Technologies such as cookies, tags and scripts are used by Xsec, our analysts or service providers. These technologies are used, for example, in analyzing trends, in managing these websites and in monitoring user movements on our websites.
The data subject rights
• You have the right at any time to receive a copy of the personal data that we hold about you and information about the processing of personal data. Please note that Xsec must be able to identify you in order to respond to your request.
• You have the right to correct incorrect, incomplete or irrelevant personal data without undue delay.
• You have the right to have your personal data deleted without undue delay and Xsec is obliged to delete your personal data without undue delay if, for example, one of the following reasons: the personal data is no longer necessary for the purpose for which it was collected; otherwise processed, or if the consent on which the processing is based is withdrawn and there is no other legal basis for the processing. Please note that we are not required to delete personal data if we can demonstrate that the processing is necessary, for example, to fulfil a legal obligation to which Xsec is subject, or to establish, exercise or defend a legal claim, or if there are other legitimate reasons to retain data.
• You have the right to require Xsec to restrict the processing of your personal data under certain conditions, for example, if you question the accuracy of personal data, processing may be limited for a period that allows Xsec to verify the accuracy of personal data or if Xsec no longer needs personal data for processing purposes, but you require the personal information to create, enforce, or defend legal claims.
• You have the right at any time, based on your specific situations, to object to the processing of personal data by Xsec if the processing is based on, for example, legitimate interests, including marketing and/or profiling based on legitimate interest. If you object to such processing, Xsec will no longer have the right to process your personal data under this legal basis, unless Xsec can demonstrate compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or if the processing is performed to the establishment, exercise or defence of a legal claim.
• Under certain conditions, you have the right to receive personal information about you that you have provided to Xsec in a structured, commonly used, machine-readable format. In such a format, personal data may be passed directly to another administrator, if technically possible.
• You have the right to withdraw your consent to Xsec to process your personal data at any time. If you revoke your consent, please note that this will not affect the lawfulness of the processing based on your consent prior to its withdrawal and that Xsec may in certain circumstances process personal data on a different legal basis and may therefore continue to process personal data. Please note that if you withdraw your consent, Xsec may not be able to comply with your request for information.
• If you have doubts about the processing of personal data by Xsec and / or believe that the processing is in breach of applicable law, you can file a complaint with the supervisory authority of the Office for Personal Data Protection, please see contacts below.
• Please note that requests, communications and all actions to exercise the rights of the data subject are made free of charge. However, if requests made by the data subject are manifestly unfounded, disproportionate or repeated, they may be subject to a fee. If you wish to receive a copy of the personal data we process or if you wish to exercise any of the above rights, please contact us at the contacts listed below.
Personal data administrator:
Xsec s.r.o., with its registered office at Lidická 700/19, 602 00 Brno, Email: email@example.com
You can also contact the Office for Personal Data Protection (www.uoou.cz) directly with your suggestions.