1. Provider's online services
The Provider, in providing group financing services (hereinafter referred to as "BrikkApp services"), is the data controller of the personal data of its clients - investors, in accordance with EU Regulation No. The Provider offers services through its own platform www.brikkapp.com (hereinafter referred to as the "BrikkApp Platform" or "Platform"), including the possibility of online registration on the Platform and the use of its interactive features. These interactive features allow an investor to create his/her own profile on the Platform and to invest in investment opportunities offered by the BrikkApp Platform.
2. What personal data do we collect, for what purpose and by what technical means?
3. Who has access to your personal data and to whom is it disclosed?
Access to the investor's personal data collected within the BrikkApp services is granted only to a defined group of users, which are usually members of the Provider's operational team. Access to personal data is protected by a login name and password. If external suppliers are involved in the provision of the services, then they may have access to the personal data necessary for the purposes described in point 2 above. Each Investor has the opportunity to contact the Provider to learn whether external contractors are involved in the provision of the services used by the Investor. No personal data is passed on to third parties outside of the above.
4. How do we protect your personal data?
The collected personal data and all information related to BrikkApp services are stored on the Provider's servers, whose operations are governed by the Provider's security decisions and the Provider's internal regulations for this type of servers and services. Furthermore, the collected personal data and all information related to BrikkApp services are stored on the server of an external supplier who acts as a processor, with whom the Provider has concluded a contract for the processing of personal data in accordance with the relevant provisions of the GDPR, and who must guarantee the protection and confidentiality of data required by the GDPR. This processor is the commercial company Kevin EU, UAB, company ID: 304777572, with registered office at Lvivo str. 25-104, Vilnius, Lithuania.
5. How can you verify, modify or request deletion of your personal data?
Any investor can edit their profile at any time using the online form presented on the BrikkApp platform. In case the investor wants to verify which personal data are managed by the Provider or wants to have them deleted, he/she can contact the Provider as the administrator of these data on the BrikkApp platform and explicitly specify his/her request. Special attention is paid to the consequences of the erasure request. In this case, any trace through which the investor could be contacted will be deleted.
6. How long do we keep your personal data?
The investor's personal data will be stored and managed only for the time necessary for the purpose of processing personal data, in accordance with the Provider's internal regulation on document shredding, which states that:
a. marketing offers will be sent by the Provider for a period of 1 year from the end of the contractual relationship between the Provider and the investor (it is so regulated in the consents to the processing of personal data in connection with the investor's acceptance of the Provider's terms and conditions);
b. contacting investors regarding the services provided to them under the contractual relationship will only take place for the duration of the contractual relationship between the Provider and the investor;
c. the Provider will keep the originals of contracts with investors (especially in electronic version) for 5 years after the end of the contractual relationship between the Provider and the investor, corresponding to the general limitation period for potential claims arising from the contract, or for the period required by Czech law, especially tax or regulatory law.
d. other personal data concerning, in particular, the settlement of mutual financial claims between the Provider and the investor will be kept for the period of time required by the legal regulations of the Czech Republic, in particular tax or regulatory regulations.
If the investor does not agree with the management or processing of his/her personal data according to points a., b., he/she may at any time contact the Provider via the BrikkApp platform and explicitly specify his/her request.
7. Contact details
In case the investor has any questions or comments regarding BrikkApp services in connection with the processing of his personal data, or has questions directed to his rights under the GDPR, he can contact the Provider's support team via the contact email firstname.lastname@example.org located on the BrikkApp platform.
8. Filing complaints
The investor may lodge a complaint with the supervisory authority if he/she believes that the management or processing of his/her personal data violates the legal regulations on personal data protection. The investor may lodge a complaint with the supervisory authority, which for the territory of the Czech Republic is the Office for Personal Data Protection, located at Pplk. Sochora 27, 170 00 Prague 7 www.uoou.cz or he/she may contact the Provider via the BrikkApp platform in this context.