Privacy Statement

ACTIVE 24 respects your privacy. This Privacy Statement outlines your rights to privacy and our commitment to safeguarding your personal data.

ACTIVE 24 provides internet domain registrations, webhosting, server and cloud based services to private and public businesses (Customers) in Europe. ACTIVE 24’s head office is located in Prague and is subject to European privacy legislation, including the General Data Protection Regulation (GDPR).

Scope and acceptance

This Privacy Statement provides information about data processing carried out by ACTIVE 24 when ACTIVE 24 determines the purpose and means of the processing (ACTIVE 24 act as data controller). It also provides information on data processing ACTIVE 24 do on behalf of our Customers based on their instructions (the Customer as data controller and ACTIVE 24 as data processor).

Personal data is information that can identify you as a person, such as an email address, street address or phone number etc. Processing your personal data is necessary for us to serve our Customers. Please do not use ACTIVE 24 websites or our services if you do not agree with how we process personal data according to this Privacy Statement.

Whose data we process

ACTIVE 24 processes personal data about jobseekers and contact persons or service users tied to our Customers. In addition we process personal data about persons representing potential Customers (Leads) that approach us via ACTIVE 24 websites or other channels. Our statement in these regards is to be found in the data controller section.

We also process data on behalf of our Customers of which the Customer controls. Our statement in these regards is to be found in the data processor section.

In this Privacy Statement data subjects may also be referred to as persons or you.

ACTIVE 24 as data controller

When ACTIVE 24 determines the purpose and means of processing your personal data, the company acts as data controller. This includes scenarios where ACTIVE 24 collects personal data in the context of you being a jobseeker, you being a representative for a Customer or Lead, or when you are a service user.

Why we process personal data

In general, at least one of the following legal bases may apply for each case, when we process your personal data.

  • It is necessary to fulfil the contract with you.
  • It is our mandatory obligation.
  • We have a legitimate interest in the processing, that we believe does not conflict with your privacy rights or freedoms
  • You provide a consent for the particular processing.

Provision of services

We process personal data to identify you as a customer, to manage and deliver the services you ordered and subscribe to. We also process personal data required to handle billing and payments for of the services you use. The legal base in this case is to fulfil the contract.

Communication and support

We process information from your previous communication between you and us in order to provide you a better assistance. We use your contact information and information about which services you use as the basis for invoices, newsletters, important information about your services, offers and tips on how to use our services. The legal base in this case is to fulfil the contract and a legitimate interest.

Development of our services and products

We process personal data on how you use our services in order to improve your customer experience and to improve our services in general. The legal base in this case is a legitimate interest.

Marketing

We process personal data about what services you use and how you use them in order to market relevant products and services to you according to your needs. The legal base in this case is a legitimate interest.

Security and prevention of abuse

We process personal data in order to detect and prevent:

  • abuse
  • intrusion attempts
  • attacks such as viruses and DDOS
  • law violations
  • terms violations.

The legal base in this case is to fulfil the contract and our legal obligations.

Regulatory obligations

We process personal data in order to comply with the requirements of the law. In this case, the legal base for processing personal data is our legal obligations.

Jobseekers

If you are a jobseeker, we process personal data in order to evaluate your potential to become an ACTIVE 24 employee. The legal grounds for such processing is your consent.

How we collect your personal data

In general, ACTIVE 24 collects personal data directly from you or other persons linked to our Customer. These persons may be a manager or colleague. If the Customer you work for purchases ACTIVE 24 services via a partner company, we may collect information about you from the partner company.

We collect and process data that you share with us when you contact us and data that is created when you use our services.

We will also use cookies and other tracking technologies when you use ACTIVE 24 webites and interact with us per email in order to optimize your experience of ACTIVE 24 and our sites. Please see the paragraph describing automatic data collection tools for more information on how these technologies function and your rights in this context.

In some cases, we may also collect information about you from other sources. These sources may be third party data aggregators, our marketing partners, public sources or third party social networks.

Automatic data collection tools

ACTIVE 24 uses different digital tracking technologies to collect information about your movements on our websites and when interacting with us.

Cookies and pixel tags

Cookies are small text files that contain a string of characters and uniquely identifies a browser. They are sent to a computer by website operators or third parties. Most browsers are initially set up to accept cookies, since this is required by most website owners in order to access their sites. You may be, however, able to change your browser settings to cause your browser to refuse cookies in general, block third party cookies or to indicate when a cookie is being sent.

Pixel tags are scripts that execute when a user lands on a website or opens an email. The pixel itself is not visible and can only be seen in the HTML of the site or email. It calls an application on a server that will cause a third party cookie to be downloaded to your computer or registers that the email has been opened.

If you would like to know more about cookies and how they work, please visit www.allaboutcookies.org.

Google cookies and technologies

Google Analytics: This cookie allows us to see information on user website activities including, but not limited to page views, source and time spent on a website. The information is depersonalized and is displayed as numbers, meaning it cannot be tracked back to individuals. This will help to protect your privacy. Using Google Analytics we can see what content is popular on our websites, and strive to give you more of the things you enjoy reading and watching.

Google Analytics Remarketing: Places cookies on your computer which means that after you leave our website, Google can show you advertisements about ACTIVE 24 that you might be interested in, based on your previous behaviour on our website. This information is not personally identifiable.

Google AdWords: By using Google AdWords code, we are able to see which pages helped lead to contact form submissions. This allows us to make better use of our paid search budget. This information is not personally identifiable.

Google Adwords Remarketing: Places cookies on your computer which means that after you leave our website, Google can show you advertisements about ACTIVE 24 that you might be interested in, based on your previous behaviour on our website. This information is not personally identifiable.

You can prevent the information generated by the Google cookie about your use of our websites from being collected and processed by Google in the future by downloading and installing Google Analytics Opt-out Browser Add-on for your current web browser. This Add-on is available at http://tools.google.com/dlpage/gaoptout.

Facebook cookies

Facebook Remarketing: the Facebook pixel tag places cookies on your computer, which can send an alert back to Facebook telling Facebook that you have checked out the website. We then assume that you have an interest for ACTIVE 24 and the content on this site. When visiting Facebook, you will then be exposed to information or adds with similar content. Please use your privacy settings in Facebook to limit exposure to marketing of this kind.

What personal data we process

The type of personal data that we process about you may be:

  • Basic contact details such as name, address, telephone number and email.
  • Demographic Information such as date of birth, age and gender.
  • Feedback, comments or questions about ACTIVE 24 or concerning our products and services.
  • Content you have uploaded such as photos and video.
  • Unique user information such as login ID, username, password and security questions.
  • Payment information such as bank account number.
  • Traffic information as provided by your web browser such as browser type, device, language and the address of the website from which you arrived and other traffic information such as IP address.
  • Data about which of our services you order and use, and how you use them. Clickstream behaviour and movement on ACTIVE 24 websites and in our services.
  • Information you provide us in when you contact our support.
  • Email behaviour such as which emails from ACTIVE 24 you open when and how.
  • Other personal data contained in your profile that you have freely given away on third party social networks such as LinkedIn etc.
  • Employment information such as employer, title, position including preferences and interests in professional context.

 

As data controller, ACTIVE 24 does not process sensitive personal data about you.

How we share your personal data

Public Authorities

Police and other authorities may request your personal data from ACTIVE 24. We will share such data only in cases, where it is lawfully required and mandatory for ACTIVE 24.

Partners, subcontractors and related companies

As ACTIVE 24 is part of a larger ownership structure where individual companies co-operate, some services may be provisioned across these entities and thus some personal data may be exchanged in order to provide such services.

ACTIVE 24 also uses subcontractors to process personal data and may export your or our Customers data outside the EU in this regard. These subcontractors are typically vendors of cloud services or other IT hosting services. When using subcontractors, ACTIVE 24 will enter into a data processing agreement (DPA) with subcontractors in order to safeguard your privacy rights and to fulfil our obligations towards our Customers. When subcontractors are located outside the EU, ACTIVE 24 ensures legal grounds for such international transfers on behalf of you or our Customers, hereunder by relying on Privacy Shield (US) or using the EU Model Clauses.

We implement appropriate safeguards to ensure that your personal data is handled in accordance with applicable laws regarding safety and privacy. We apply the same requirements to our subcontractors.

For the following purposes we may share data with the respective partners and subcontractors.

Marketing and analytical purposes

Partner Personal data that is shared and why
Etnetera and Cognito Data related to usage of our websites in order to develop and continuously update the websites and maximise their performance.
Facebook Third-party cookie beb analytics data for marketing purposes.
Google Web analytics data through third party cookies for marketing and web analytics to improve our services.
H1.cz, s.r.o. Web analytics data through third party cookies for marketing and web analytics to improve our services.
Seznam Web analytics data through third party cookies for marketing and web analytics in Czech Republic to improve our services.
Mailchimp  

In order to deliver our services

Partner Personal data that is shared and why
Ascio Technologies Data required to register, manage and renew domain names, where ACTIVE 24 is not the directly accredited registrar, data necessary to provide SSL certificates.
CZ.NIC Data required to register, manage and renew .CZ domain names within the country code for Czech Republic.
Loopia AB Data required for our Swedish sister company to deliver our Microsoft Office 365 services.
Microsoft Data required to configure and manage Office 365 accounts for our customers at Microsoft.
SK-NIC Data required to register, manage and renew .SK domain names within the country code for Czech Republic.
Topline Ventures and Yola Data necessary to activate and maintain site-builder services powered by Yola.

In order to charge for our services

Partner Personal data that is shared and why

Other

Partner Personal data that is shared and why
Google and Microsoft Data related to provisioning of our email, office automation and file storage solutions
Digitale, spol. s r. o. Data about interactions between customers and ACTIVE 24 in order to manage the distribution of the interactions and the quality of our answers to customers, including support call recording.
Survio Data related to conducting our customer surveys.
Teamio Data related to selecting applicants for employment in ACTIVE 24.

Your rights

Right to opt-out of marketing communications

You have the right to opt-out of receiving marketing communications from ACTIVE 24 and may do so by either:

(a) Following the instructions for opt-out in the relevant marketing communication,

(b) Change preferences in the customer control panel provided by ACTIVE 24

(c) Contacting us via e-mail on privacy(at)active24.com.

Please note that even if you opt-out from receiving marketing communications, you may still receive administrative communications from ACTIVE 24, such as order confirmations and notifications necessary to manage your account or the services provided.

Basic rights

You have the right to access your personal data by requesting an overview of the personal data we process about you and you may have a right to data portability. You also have the right to request that ACTIVE 24 corrects inaccuracies in your personal data. This can usually be done through the appropriate sections in the customer control panel provided by ACTIVE 24.

Further, you have a right to request deletion of personal data, and to restrict or object to our processing of your personal data according to this Privacy Statement or other service specific terms.

Please use privacy(at)active24.com to file all requests as mentioned in this section.

Finally, you also have a right to file a complaint to the data protection authorities with regards to our processing of your personal data.

Data security and retention

How we keep your personal data secure

ACTIVE 24 takes the trust you and our Customers place in us very seriously. ACTIVE 24 is committed to prevent unauthorized access, disclosure or other deviant processing of personal data. ACTIVE 24 shall ensure the confidentiality of personal data we process, maintain the personal data integrity and to secure it’s availability according to applicable privacy legislation.

As part of our commitments, we utilize reasonable and appropriate organizational, technical and physical procedures and measures to safeguard the information we collect and process, taking into account the type of personal data and risk posted to you and our Customers upon breach. Since root causes for privacy breaches are most likely to be found internally, we believe that building a strong corporate culture where respect for and awareness around privacy among our employees are fundamental to ensure lawful processing and protection of your data The following measures are of particular importance in this regard:

Organisational

  • The Data Protection Council governing lawfulness of processing and privacy policies. The council is staffed with internal privacy and information security experts supervised by the Corporate Data Protection manager.
  • A lawyer being appointed as Data Protection Officer acting as advisor and controller in privacy matters
  • eLearning privacy courses that are mandatory for all employees
  • Mandatory procedures for keeping records of processing activities and assessing risks for data subjects
  • Data processing agreements with subcontractors that process data on behalf of ACTIVE 24

Technical.

  • Personal data is transferred and stored in secure and redundant operating environments that are only accessible to ACTIVE 24 employees and subcontractors on a need-to-know basis
  • Two factor identification can be set to login to an ACTIVE 24 account
  • Service users are required to verify their identity (e.g. login ID and password) before they can access or make changes to their account.

Physical

  • Premises protected by access control and video surveillance systems

How long we store your personal data

ACTIVE 24 will only retain your personal data for as long as necessary for the stated purpose, while also taking into account our need to answer queries or resolve problems and to comply with legal requirements under applicable laws.

This means that ACTIVE 24 may retain your personal data for a reasonable period after you and our Customer’s last interaction with us. When the personal data that we collected is no longer required we erase it. We may process data for statistical purposes, but in such cases, data will be pseudonymised or anonymised.

ACTIVE 24 as data processor

ACTIVE 24 provides many different services which can be used by our Customers to process data of their own customers. The purposes of such processing are determined by our Customers and not by ACTIVE 24, which makes the Customer the personal data controller. ACTIVE 24 does in such cases act as data processor and processes the data on behalf of and according to instructions given by the Customer. The relation between the Customer as data controller and ACTIVE 24 as data processor shall be regulated by a data processing agreement which is integrated in the ACTIVE 24’s General Terms & Conditions.

Customer’s and ACTIVE 24’s obligations

When the Customer act as data controller the Customer shall, according to applicable privacy legislation, ensure the legal grounds for processing the personal data. Further, the Customer shall assess and establish ownership to the risks posed to data subjects by processing their personal data. Another important aspect of the Customer’s duty as data controller is to comply with the information duty towards data subjects.

ACTIVE 24 is a natural part of the Customers duties as data controller, in the sense that ACTIVE 24 services constitute parts of the processing of personal data that the Customer must ensure are compliant with applicable privacy legislation. Thus, when ACTIVE 24 processes personal data on behalf of its Customers, we must do so in accordance with privacy legislation applicable for data processors.

In short, the Customer and ACTIVE 24 are obligated to cooperate to ensure privacy for data subjects. ACTIVE 24 shall provide the information necessary for the Customer to be compliant with applicable privacy legislation.

Changes to this Statement

If we modify our Privacy Statement, we will post the revised statement here, with an updated revision date. We encourage you to review the Statement regularly. If we make significant changes to our Statement that materially alter our privacy practices, we may also notify you by other means, such as sending an email or posting a notice on our corporate website and/or social media pages prior to the changes taking effect.

The last update of this Privacy Statement was May 15th 2018.

How to contact us

We value your opinion. If you have any comments or questions about our Privacy Statement, any unresolved privacy or data use concerns that we have not addressed satisfactorily, or concerning a possible breach of your privacy, please send them to privacy(at)active24.com. You can also send it in writing to

DPO
ACTIVE 24, s.r.o.
Sokolovsk√° 394/17
18600 Praha 8
Czech Republic.

We will handle your requests or complaints confidentially. Our representative will contact you to address your concerns and outline the options regarding how these may be resolved. We aim to ensure that complaints are resolved in a timely and appropriate manner.