Privacy Policy of DAP Services, Ltd.

   Privacy Policy explains:

• What information do we collect as a personal data manager and for what reason?
• How do we use this information?
• How do we secure data and where do we store them?
• How do we access data as the processor, who manages personal data on behalf of a personal data administrator?

 

 

What information do we collect and for what reason (DAP Services, Ltd., as a personal data manager)?

 

  • We only limit our personal data collection to those that are an essential prerequisite for providing our services:
    • For the purpose of diagnostics, we store selected colours for individual objects (words, different types of multimedia, etc.).
    • Necessary data for standards application when evaluating results: age, gender,…
    • To personalize the final report, other data such as name, surname, email, etc. can be saved, too.
    • If using contact forms on our websites, it is sufficient to provide only basic information that will enable our company to communicate with you.
    • In case of using our internal tools requiring registration, it is necessary to provide information that will enable our company to ensure possible billing and appropriate support. You are informed of specific personal data, and their processing before registration is complete.
  • We do not use personal data collected for purposes other than those for which they were originally collected.
  • We only store personal information for a limited time. Personal data collected to manage communication between the customer and DAP Services, Ltd., (name, surname, address, e-mail, etc.) are kept only for the duration of the business relationship and for the following 36 months after its termination. At the end of this period, they are anonymised.
  • We do not provide any personal information collected for third parties, which are not closely linked to DAP Services, Ltd., and which have nothing to do with the fulfilment of the contract subject matter.
  • We implement appropriate technical and organisational measures to ensure a high level of security.

 

 

How do we use this information?

Information obtained during diagnostics is used for evaluation by means of CA method. Anonymised data are used for statistical and scientific evaluation to validate and develop further the CA method.

 Right to repair, right to be erased and to be forgotten

GDPR brings a new element, which is the right to erasing and its extension to the right to be forgotten. As a result, a person may require personal data to be deleted without undue delay unless there is a legal reason for further processing.

If you wish to use your right to erasing or correction, please contact us at info@dap-services.com. Once we verify your identity, we will remove your personal data in accordance with our privacy policy.

 

 

 

Where are the data stored?

The data obtained and their backups are stored on OVH servers (ovh.com, European datacentres). For more information on how the servers are secured, visit www.ovh.com/us/about-us/security.xml. Information on the personal data protection is provided by OVH here: www.ovh.cz/ochrana-osobnich-udaju

Safety measures of DAP Services, Ltd.

  • An access management system that enables to restrict access to interested people only to such areas and information that they necessarily require for their work.
  • Strong authentication mechanisms for users and administrators based on a strict password management policy.
  • Processes and log management are enabling to track all actions performed on individual information systems and allowing to report them in case of an incident affecting our customers’ data.

 

DAP Services, a.s., as a processor

 The commitments of DAP Services, a.s., the processor, include:

 

  • To process personal data only for the proper functioning of the services. DAP Services, Ltd., never processes this information for other purposes (g. disseminating business communication, etc.).
  • Not to transfer data outside the European Union or outside the countries having sufficient data security meeting the requirements of the European Commission.
  • To inform the customers about any contact with other processors who could process their data.
  • To implement advanced security standards to provide a high level of security for our services.
  • In the case of data leakage, to alert the customers in the shortest possible time.