Privacy Policy for Platform Users
Version 1.4
Information Concerning Personal Data Protection
We would like to inform you about the details of the processing of personal data and the rights it belongs to.
When processing personal data, we always comply with the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on movement of such data and the repeal of Directive 95/46/EC (General Data Protection Regulation; "GDPR") and in accordance with applicable data protection regulations.
This also applies in cases where we act not as an controller, but as a processor of your personal data. We can act as a processor in particular in cases where you use the services of a consultation with a cooperating expert or in cases where we manage your personal data in accordance with your instructions as part of technical support. To fulfill our obligations as a processor, see document "Obligations of the processor - statement".
These principles apply only to the client application Talk2amy (client.talk2amy.com). The website of the company Mongata (www.mongata.eu) and the public web presentation of Talk2amy (www.talk2amy.com) have their own specialized Privacy Policy.
Controller Identification and Contact Details
Controller
| Company: | Mongata s.r.o. |
| ID (IČO): | 089 60 585 |
| Address: | Plynarní 1617/10, Holešovice, 170 00 Prague 7, Czech Republic |
| E-mail address: | privacy@mongata.eu |
Contact us with any questions or requests regarding the processing of your personal data.
Scope of Processing - Personal Data
We process your personal data to the extent that you provided it directly to us or how we obtained it as a part of the provision of our services to you. This may include, in particular, the following categories of personal data:
- First, Middle Name and Last Name
- E-mail Address
- Payment Information
- Segmentation Data (native language, gender, country of childhood, etc.)
- Results of Answered questionnaires
- Personality Profile
- In case of the subscription for Professionals also in addition: date of birth, insurance company and education
Processing Purposes and Legal Reasons
| Purpose of Processing | Legal Reason |
|---|---|
| Performing psychological testing - prediction of personality profile | Performance of the contract, resp. implementation of measures taken before the conclusion of the contract |
| Opening an account to manage it within an organization | Performance of the contract, resp. implementation of measures taken before the conclusion of the contract |
| Perform a test without registration | Performance of the contract, resp. implementation of measures taken before the conclusion of the contract |
| Payment for the provision of services by the administrator |
Performance of the contract
Fulfilment of a legal obligation |
| Share data between designated users | Consent |
| Send information and news related to used services | Legitimate interest |
In addition to the authorized staff of the Controller, your personal data may be transferred to other entities. The recipient of personal data may include:
- Persons to whom you consent to share (family members, employer, etc.)
- Public authorities and supervisory authorities under applicable law
- Internet payment companies.
- Controller's Technical Support after explicit approval from Subscription administrator. The approval is always time-limited.
We do not transfer personal data to third countries or international organizations.
Data Retention
Personal data processed on the basis of the performance of the contract will be stored for the duration of the rights and resulting from the contractual relationship, or for a period to be determined by the relevant legislation.
Personal data that are necessary for the fulfilment of legal obligations will be stored for a period applicable law or in accordance with them.
If the storage period is not determined by law, we make sure that personal data are stored only after necessarily for a long time. We store operational data containing personal data (e.g. audit data, logs) for a period of two years.
Your Rights
According to the GDPR, you have several rights related to the protection of personal data, which you can conditions set out in the GDPR:
Right to Access
You have the right to ask us to confirm whether or not your personal data is being processed. If you do not processing takes place, you have the right to access your personal data and other information related to processing, such as processing purposes, recipients of personal data, retention period, sources of personal data data, etc.
The first copy of the processed personal data will be provided to you free of charge. In the case of requests for further copies, the the Controller shall be entitled to demand a reasonable fee corresponding to the administrative costs incurred.
Right to Correct
You have the right to request the rectification of inaccurate personal data or the addition of incomplete personal data.
At the same time, you have obligation to report any changes to your data without delay.
Right to Delete
You have the right to have your personal data deleted, except where we are prevented from doing so by legal obligations or if other exceptions have been met.
Processing Restriction Right
You have the right to restrict processing in the following cases:
- if you deny the accuracy of personal data; processing of personal data is then limited to the time it takes for the accuracy of personal data to be verified;
- processing is unlawful and you refuse to delete personal data and ask for restrictions on their use instead;
- personal data are no longer needed for processing purposes, but you require them for the purpose of determining, legal claims;
- you object to the processing of personal data on the basis of a legitimate interest; processing of personal data is until it is verified that our legitimate reasons outweigh yours.
Right to Portability
In the case of automated processing of personal data, which takes place on the basis of the consent granted or contract, you have the right to obtain your personal data in a structured, commonly used and machine-readable format. If technically feasible, we will send personal data in a given format directly to another Controller.
Right to Withdraw Consent to the Processing of Personal Data
Your data will only be shared with selected entities and only with your consent. You can share data e.g. with Your friends, family members, employer, psychologist, etc. These persons will have your data (test results) is made available only with your consent.
If testing is carried out in the context of an employment relationship or in the recruitment of new staff (candidates), then consent must be given for your results to be seen by the employer or potential employer. If however, you will not grant this consent, you can always have it tested here in an individual way.
Right to Lodge a Complaint
If you believe that the processing of your personal data is in violation of the GDPR, you have the right to file a complaint with the Supervisory Authority. For citizens of the Czech Republic, the Office for Personal Data Protection performs this function, registered office at Plk. Sochora 727/27, 170 00 Prague 7 – Holešovice. For citizens of the Slovak Republic it is Office for Personal Data Protection, registered office at Hraničná 12, 820 07 Bratislava.
How to Exercise Your Rights
You can exercise your privacy rights by submitting a request to the Controller. Content applications must always be at least identification data (first name, surname, username – typically email), address details and specifications of the rights applied.
You have several options for submitting an application. In order to prevent unauthorized access by third parties to your personal each option is linked to a certain method of identity verification. You can submit an application as follows:
- After logging into your account using the "Support Center" link
- Write mail to Controller's address with verified signature
- Email to "privacy@mongata.eu" with guaranteed electronic signature
All acts related to the exercise of your rights are carried out free of charge. Exceptions may be cases where unjustified or disproportionate, in particular because of their repeated submission. In such a case, we are entitled to demand a reasonable fee corresponding to the administrative costs incurred in by performing the required tasks, or by performing the required we may refuse to comply with your request.
Non-provision of Personal Data
In general, you have the right not to provide us with your personal data. In the event of a contractual relationship, the exercise of rights and fulfilment of obligations, the provision of personal data may be a contractual requirement or a requirement must be entered into a contract. In the event of non-provision of personal data, a contract cannot be expected between you and Controller, nor the performance of the contract by the Controller.
In addition, in the context of the acts we perform under the law, the provision of your personal data may be Requirement.
You have the option not to consent to data sharing. However, if you are an employee or job seeker and testing will be invited by your employer or potential employer, it is not possible to carry out testing in this mode without consent. However, you still have the option to use the services of Controller and be tested individually.
Your data is processed primarily electronically and we take care of their proper security.
Personal Data Location
All personal data are stored in Microsoft's Azure cloud data centers, namely in the "West Europe" data center in the Netherlands (EU).
Do not hesitate to contact us at any time with any question, wish or initiative related to processing personal data. You can connect with us using the contacts listed in the introduction.
