In this document, we, company Thybit s.r.o., company ID: 08083274 residing at Thybit s.r.o. Sokolská třída 1263/24, 702 00 Ostrava, Czech Republic, registered in the Commercial Registry maintained by the Regional Court in Ostrava, Section C, File 78278 (hereinafter as “Thybit”), would like to inform you how we process personal data of users of our website www.thybit.com (hereinafter as “Website”).

Thybit is, in relation to the user of the Website, who is a natural person, the controller of the personal data.
Should you have any questions about privacy or your rights, please contact us via email legal@thybit.com.

1.    What data we process and for what purpose?

1.1.    Concluding of an agreement with the users
On the Website, we present our products and services. In case any user is interested in learning more about our products and services, it is possible to contact us through an electronic contact form available on the Website.
The personal data filled in the contact form on the Website for this purpose are processed for the purposes of conclusion of an agreement on provision of our products and/or services to our (future) customers. 
For this purpose, we process the name, surname and e-mail of the user. Further, we may process also information gathered in further communication with the user.
In case an agreement on provision of our products and/or services is subsequently concluded between Thybit and the user, our Privacy Policy for our customers apply. 

1.2.    Legitimate interests
Besides the cases above, we also allow the users to contact us via contact form on the Website with other requests and/or queries. For these purposes, we process the following personal data: name, surname, e-mail, information collected in further communication with the user. Processing of this personal data is necessary for the purposes of the legitimate interests pursued by Thybit.
The personal data may be also processed by Thybit for protection of our legitimate interests in case of future legal disputes, court proceedings etc., where we might have to prove that we have acted in compliance with the law when operating our Website and providing our services. For these purposes, the name, surname, e-mail and information on use of the Website may be processed.
For the purposes of protection of our legitimate interest, which is assessment and improvement of our Website and products and services, we may process statistical data on use of the Website. Unless otherwise stated, the statistical data are anonymous, i.e. do not constitute personal data.

1.3.    Fulfilment of a legal obligation
Further, we might process personal data of our users when it is required by the law and in scope required by the law, e.g. by regulation in the field of accounting, archiving, etc. 

2.    From whom do we receive personal data and to whom do we pass it?

We get the personal data primarily from you, the data subject. We do not collect any other data except those you provide us with, respectively which will arise from your activity within the Website. You are obliged to provide us with accurate data and if your personal data is changed, you must update such data. 

We use the following personal data processors:

• Google Ireland Ltd., Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, (Google Analytics)
• LinkedIn Ireland Unlimited Co, Gardiner House Wilton Plaza Dublin Ireland (LinkedIn Lead Gen Forms)
• Facebook Inc., 1 Hacker Way Menlo Park, California 94025 (Online marketing tool)
• Microsoft Clarity (Microsoft Ireland Operations Limited, South County Business Park, Dublin 18, D18 P521)

The personal data may be handed over to the state bodies and authorities in the extent required by the applicable legislation.

3.    How do we process the personal data?

The personal data of the users is processed within the Website in electronic form by automated means, eventually in electronic form by automated means by the above-mentioned processors for the above-mentioned purposes. 
Personal data of the users may be also processed manually, and the processing may be performed by our employees or other persons working for us, inter alia for the purpose of erasure of mistakes, inaccuracies, etc. However, such persons may process personal data only under the conditions and to the extent stated above and they are bound by the obligation to maintain confidentiality of the personal data and security measures which would jeopardize the security of personal data, if disclosed. 
We always process the personal data in accordance with applicable legal regulations and provide them with due care and protection. We take care that you do not suffer any harm to your rights, in particular the right to maintain a human dignity and privacy.
We do not perform any automated decision making nor profiling.

4.     How long do we keep your personal data?

The personal data collected via the electronic form on the Webpage is kept only for the period necessary to deal with your queries or requests, not longer than 6 months from the day you have provided the data via the electronic form.
Afterwards, we may still process your personal data for the following purposes:

3.1. Legal obligations
In the case that Thybit is obliged to process certain personal data by the law, the personal data will be processed in the required extent for the period prescribed by the law. 

3.2. Legitimate interests
We also process personal data to protect our legitimate interests, i.e. to defend ourselves against eventual claims of our customers, even before a court (for example, during the respective lapse of rights periods that may in the Czech Republic last up to 15 years from the occurrence of a relevant event). In this connection, Thybit processes your identification details (name and surname) and contact details (e-mail), information on use of the Website and communication with Thybit. Typically, this period is 5 years from the occurrence of the relevant event giving rise to the claim.

5.    What are your rights? 

Firstly, you have the right to ask us for an access to your personal data, including the production of a copy of all your personal data.

We will always inform you about: 
a)    the purpose of the processing of personal data,
b)    the personal data or the categories of personal data processed, including any available information on their source, 
c)    the nature of the automated processing, including profiling, and information on the procedure followed, as well as the significance and expected consequences of such processing for the data subject, 
d)    recipients, or categories of recipients, 
e)    estimated period, for which the personal data will be stored or, if it is not possible to determine it, the criteria used to determine such period, 
f)    all available information about the personal data source, unless it is obtained from you. 
Your other rights include right to: 
a)    ask us for an explanation;
b)    require that we remedy the emerged situation, in particular, it may be blocking, repairing, supplementing, limiting or disposing of personal data (the right to be forgotten);
c)    require personal data that concern you in a structured, commonly used, and machine-readable format, and pass on this information to another data controller, without any obstructions from our side;
d)    submit a question, eventually a complaint to the Office for personal data protection;
e)    object the processing of personal data relating to you.