DDFU respects your privacy. This Statement describes your privacy rights and our commitment to protecting your personal data.
DDFU provides domain name registration, web hosting, servers and cloud services to natural and legal persons (Customers) in Europe. The main office of DDFU is located in Pilsen and is subject to European privacy legislation, including GDPR.
Scope and acceptance
This Statement provides information about the data processing carried out by DDFU, where DDFU determines the purpose and method of their processing (DDFU is in the role of Controller) of the data. It also provides information about the data processing that DDFU performs on behalf of its Customers on their instructions (Customer is in the role of Controller, DDFU in the role of Data Processor).
Personal data means data that can identify you personally, such as address, e-mail address, telephone number, etc. The processing of personal data is necessary for us to be able to provide services to our Customers. In the event that you do not consent to the data processing as described in this Statement, please do not use our website and services.
Whose data we process
DDFU processes personal data of job applicants and contact persons or users of services related to our Customers. In addition, we process personal data of individuals who are our potential customers and come through DDFU websites or other channels. Our statement in this regard can be found in the section on the activities of the data controller.
We also process data on behalf of our customers. This is described in the section on data processor.
Data protection entities may also be referred to as the person or you in this statement.
DDFU as a data controller
In cases where DDFU determines the purpose and method of processing personal data, it acts as a data controller. This includes situations where DDFU collects data of job applicants, Customer representatives or potential customers and users of the Services.
Why we process personal data
If we process your personal data, it is usually based on at least one of the following legal bases:
- it is necessary for the performance of the contract
- it is our legal obligation
- we have a legitimate interest in data processing that we believe is not contrary to the right to the protection of personal data
- You have given your consent to the processing.
Provision of services
We process personal data to identify you as a customer and to provide you with ordered services. We further process personal data for the purpose of invoicing the services used. The legal basis for this case is the performance of a contract.
Communication and support
We process information about your previous interactions with us in order to provide you with better support. We use information about you and the services you use as a basis for billing, sending important information about the services, newsletters, offers and tips for using the services. The legal basis for this case is the performance of the contract and legitimate interest.
Development of our services and products
We process data about how you use our services in order to improve them. The legal basis for this case is legitimate interest.
Marketing
We process personal data about which services you use and how, in order to offer relevant services and products that meet your needs. The legal basis for this case is legitimate interest.
Security and Abuse Prevention
We process personal data for the purpose of detecting and preventing:
- Misuse of services
- attempted security breaches
- DDOS and virus attacks
- infringements
- violation of terms and conditions.
The legal basis for this case is the performance of the contract and the legal obligation.
Legal obligations
We process personal data in order to comply with the requirements of the state and supervisory authorities. The legal basis for this case is legal obligations.
Job seekers
If you apply for a job with us, we process your personal data in order to evaluate your potential to become an employee of DDFU. The legal basis for this case is your consent.
How we collect your personal data
DDFU usually collects personal data directly from you or other persons connected to the Customer, such as a manager or colleagues. If you work for a Customer who has ordered services from DDFU through a partner company, personal data may be obtained from this company.
We collect and process data that you provide to us and data created by using our services.
If you visit our website or communicate with us by email, we will also use cookies and other tracking technologies to optimize your experience with DDFU and our site.
You can read more about how these technologies work and your rights in this context in the paragraph describing automatic data collection.
In some cases, we may collect information about you from other sources. These sources may be third parties acting as aggregators of personal data, our marketing partners, public sources or social networks.
Automatic data collection tools
We use various tracking technologies to collect information about your movements on our website.
Cookies and pixel tags
Cookies are small text files containing a string of characters and uniquely identify the browser. They are sent to your computer by the website operator or a third party. Most browsers accept cookies by default, as this is a condition for viewing and browsing most websites. However, you have the option to completely disable cookies, block third-party cookies or set when cookies can be sent in your browser settings.
Pixel tags are scripts that run when a user enters a page or opens an email. The pixel itself is not visible and can only be found in the HTML code of pages and emails. The script calls an application on the server that either downloads a third-party cookie to your computer or registers the opening of an email message.
Google Cookies and Technologies
Google Analytics: This cookie allows us to see information about the user’s visit to our site, such as pages viewed, the source of the visit, the time spent on the page and more. This information is depersonalized and displayed only as numbers. Therefore, they cannot be traced back to a specific user, which helps protect your privacy. Thanks to Google Analytics, we can find out which content on our site is the most popular and based on this we can offer you more content that interests you.
Google Analytics Remarketing: Uploads cookies to your computer, allowing Google to show you DDFU ads that may be of interest to you based on your previous behavior on the site. This information does not identify a specific person.
Google AdWords: Thanks to Google AdWords code, we are able to find out which websites brought you to DDFU. This will allow us to make better use of our budget for paid search results. This information does not identify a specific person.
Google AdWords Remarketing: Uploads cookies to your computer so that Google can then show you a DDFU ad that may be of interest to you based on your previous behavior on the site. This information does not identify a specific person.
If you do not want Google to collect and process the information generated by these cookies, you can prevent this by installing the Google Analytics Opt-out Browser Add-on on your browser. This add-in is available at https://tools.google.com/dlpage/gaoptout.
Facebook cookies
Facebook Remarketing: The Facebook pixel tag uploads cookies to your computer that notify Facebook that you have visited our site. Therefore, we assume that you are interested in DDFU and the content of our site. The next time you visit Facebook, you’ll see information and ads with similar content. To limit this kind of marketing, change the privacy settings on your Facebook account.
What personal data we process
We process the following types of your personal data:
- basic contact information such as name, address, telephone number and e-mail
- demographic information such as date of birth, age, and gender
- feedback, comments and questions about DDFU or about our products and services
- Content you’ve uploaded, such as images and videos
- unique user data such as login ID, username, password and security questions
- Payment information, such as bank account number
- Website visit information provided to us by your browser, such as browser type, device, language, address of the website from which you came to our site, IP address, etc.
- Information about the services you have ordered and operate, and how you use them. Conduct and Navigation on Our Sites and Services
- Information you provide to us when contacting customer support
- data about DDFU emails you have opened
- other personal data obtained from your profile that you have provided on social networks such as LinkedIn, etc.
- Employee information, such as title, position or preferences and interests in the context of a professional career.
DDFU, as a data controller, does not process sensitive personal data.
How We Share Your Personal Information
Government authorities
Your personal data may be requested from the DDFU by the police or other state authorities. We only share this data when required to do so by law and we are required to provide it.
Partner companies, subcontractors and related companies
DDFU: some services may be provided across partner companies and some personal data may be transferred for the purpose of providing these services.
DDFU also involves subcontractors of some services in the processing of personal data. Personal data for the purpose of providing these services may be provided outside the EU. These subcontractors are usually suppliers of cloud or other IT and web hosting services. When using subcontractors, DDFU enters into a Data Processing Agreement with them in order to protect your personal rights and fulfill its obligations to our Customers. In the event that the subcontractor is located outside the EU, the DDFU provides a legal basis for such international data transfers based on the Privacy Shield or EU Model Clauses.
We provide appropriate safeguards to ensure that your personal data is treated in accordance with applicable laws. We have the same requirements for our subcontractors.
Below you will find an overview of our partners and subcontractors with whom we share personal data and the purpose of data sharing.
Marketing and analytics purposes
| Partner | Personal data that is shared and why |
| ACTIVE24 | Data obtained from the use of our site to develop and optimize our website. |
| Data from website analytics, carried out through third-party cookies, the data is used for marketing purposes. | |
| Website analytics data performed through third-party cookies to market and improve our services. | |
| Seznam | Website analytics data carried out through third-party cookies, data is used to market and improve our services. |
For the purpose of providing services
| Partner | Personal data that is shared and why |
| ACTIVE 24 | Data needed for registration, administration and maintenance of domains for which DDFU is not a direct registrar. Data needed to issue SSL certificates. |
| CZ. NIC | Data required for registration, management and maintenance. CZ domains. |
| AppRiver | Data obtained for our partner company to provide Microsoft Cloud, Office 365, Dynamics 365, Azure. |
| ZIX | Data obtained for our partner company to provide Microsoft Cloud, Office 365, Dynamics 365, Azure. |
| OpenText | Data collected for our partner company to provide Microsoft Cloud, Office 365, Dynamics 365, Azure, CyberSecurity. |
| WebRoot | Data collected on behalf of our partner company for the purpose of providing the CyberSecurity service. |
| Carbonite | Data collected on behalf of our partner company for the purpose of providing the CyberSecurity service. |
| Microsoft | Data needed to configure and manage Microsoft 365 and Office, Dynamics 365, Azure. |
| SK-NIC | Data needed for registration, administration and maintenance of .SK domains. |
| ZOHO | Data collected needed for payments of services, maintenance products and services, sales. |
Other
| Partner | Personal data that is shared and why |
| Atlassian | DDFU-customer interaction data retained to improve the quality of customer support responses and client service. |
| Stripe | Data between DDFU and customers retained to manage payments and fees for DDFU services and products. |
| ZOHO | Data between DDFU and customers retained to manage payments and fees for DDFU services and products. Data collected needed for managing recuring payments of services, maintenance, products and services, sales, support, development, HR. |
| Google and Microsoft | Data related to the provision of a system for our email communication, for the automation of our internal processes and for data storage solutions. |
| ACTIVE 24 and Microsoft | Identification of the IP address and location of the IP address of the website visitor in order to maintain the security of the website and other visitors. Prevention of security incidents and prevention of any misuse. Website analytics data carried out through third-party cookies, data is used to market and improve our services. |
| Microsoft Azure | Data for building applications, hosting, ai, iot. |
Your rights
Right to opt-out of marketing communications
You have the right to opt out of receiving marketing communications from DDFUs, which can be done as follows:
- Follow the unsubscribe instructions in the received marketing email
- by changing the customer account settings in the DDFU Customer Center
- e-mail request sent to the address: hello@ddfu.org .
Please note that even if you unsubscribe from marketing emails, we may still contact you for administrative purposes. Such messages include, for example, order confirmations or notices important for the operation of the services used.
Basic rights
You have the right to access your personal data. Upon request, we will provide you with an overview of all your data that we process. You also have the right to data portability. You can also ask the DDFU to correct discrepancies in your personal data. This can usually be done in the appropriate section of the DDFU Customer Center.
Furthermore, you also have the right to request the deletion of personal data and the restriction of its processing in accordance with this statement or the specific terms of service provided.
For requests arising from this section, please use the e-mail address of the hello@ddfu.org.
You have the right to lodge a complaint about the processing of your personal data by DDFU with the Office for Personal Data Protection.
Data security and retention
How we protect your personal data
Your trust in us in this regard is taken very seriously by DDFU. We are committed to preventing unauthorized access, disclosure or other unauthorized processing of your data. We will ensure the confidentiality of the personal data we process, maintain the integrity of personal data and ensure its availability in accordance with applicable privacy legislation.
As part of our obligations, we use organizational, technical and physical measures chosen to protect the processed personal data, taking into account the type of personal data and the risk that would arise in the event of a breach of data confidentiality. Because the causes of general data breaches by organizations often reside within organizations, we believe that building a strong corporate culture where employees are aware of privacy is essential to ensuring lawful data processing and protection. In particular, our following measures are important in this regard.
Organizational
- Data Protection Board ensuring the lawfulness of processing and privacy policy. The Board is composed of in-house experts in data protection and security and is managed by a Corporate Data Protection Manager.
- A lawyer appointed as a Data Protection Officer acting as an advisor and controller on privacy matters.
- Mandatory procedures for record keeping of processing activities and risk assessment for data subjects.
- Data processing agreements with subcontractors who process data on behalf of DDFU.
Technical
- Personal data is transferred and stored in a secure environment that is accessible only to DDFU employees and subcontractors who need to access the data.
- For DDFU customer accounts, two-factor authorization can be activated.
- Before accessing or modifying personal data, the user must verify his / her identity (e.g. by entering a username and password).
Physical
- Spaces protected by access control.
How long we keep your personal data
DDFU will retain your personal information only for as long as necessary for the purpose, taking into account the need to respond to inquiries or resolve issues and comply with mandatory requests under applicable law.
This means that DDFU may retain personal data for a reasonable period of time after the last interaction with the Customer. If we no longer need the collected data, we will delete it. We may process data for statistical purposes, but in such cases the data will be pseudonymised or anonymised
DDFU as a data processor
DDFU provides a range of services that can be used by our customers to process the personal data of their own customers. The purposes of such data processing are determined by our customers, not by DDFU. This makes the Customer the controller of such personal data. In these cases, DDFU acts as a data processor and processes the data on behalf of the Customer on the basis of the Customer’s instructions. The relationship between the Customer as the data controller and DDFU as their processor is governed by a personal data processing agreement, which is part of the General Terms and Conditions of DDFU.
Customer commitments and DDFU
If the customer acts as a personal data controller, he will provide the legal grounds for the processing of personal data in accordance with the applicable privacy legislation. Furthermore, the Customer should assess and determine liability for the risks associated with data processing. Another essential aspect is the Customer’s obligation as a data controller to ensure that the entities whose data it manages are informed.
DDFU plays an important role in fulfilling the Customer’s obligations, as DDFU services are part of the processing of personal data for which the Customer must ensure their compliance with applicable privacy laws. Therefore, if DDFU processes personal data on behalf of its Customers, we must do so in accordance with the data protection legislation applicable to data processors.
In short, the Customer and DDFU are obliged to cooperate in order to ensure the protection of personal data. DDFU will provide the information necessary for the Customer to comply with applicable privacy laws.
Changes to this Statement
If we modify our Privacy Statement, the amended version will be posted here with the revision date. We encourage you to periodically review this Statement. If material changes are made to the Statement that govern our privacy practices, we will notify you by email, on our website and on social media prior to the release of a new version of the Statement.
The latest version of this Privacy Statement is dated August 1, 2023
How to contact us
We value your feedback. If you have any comments or questions about our Privacy Statement, or if you suspect a breach of your privacy, please email us at hello@ddfu.org. You can also contact us in writing at:
DDFU, Jan Skopový, Castkova 689/74, 326 00 Plzen, Czech Republic, EU
Your requests or complaints will be confidential. Our representative will contact you at the address you provided with a proposal to resolve the situation. Our aim is to ensure that complaints are resolved in a timely and appropriate manner.