Privacy Policy

Introduction

In this Privacy Policy, we explain how we process your personal data when you visit the website www.mainstream.eu/en (“Website”) and contact us with an inquiry through the Website, when your employer decides to cooperate with us, as well as in other situations that will be explained in more detail below.

Personal data is any data relating to a natural person whose identity is determined or determinable, directly or indirectly. For example, this could be your name and surname, residential address, email address, bank account number, phone number, and many others.

If the Website contains links to other sites or services, please familiarize yourself with the separate privacy policies of such sites or services.

Data Controller

We are Mainstream doo Belgrade, with a registered address at Studentski trg 4, 11 000 Belgrade (“Mainstream” or “we”), and we are the controller of your personal data. This means that we, as the controller, determine the purpose and method of processing your personal data. If you have any questions regarding the personal data we process, you can contact us at: kontaktlice.gdpr@mainstream.eu

Mainstream is a company that offers hosting, cloud, and other IT support services to companies (“Services”). To provide the Services, we process certain data of our clients in the capacity of a processor, but solely in accordance with their instructions and on their behalf. Where we process our clients’ data to provide services in the capacity of a processor, we have concluded the necessary processing agreements in accordance with the law and taken appropriate technical and organizational measures to preserve the integrity of the data we process. Considering that, in relation to the data of our clients that we process as part of providing the Services, we appear in the role of a processor, please familiarize yourself with the separate privacy policies of such entities as controllers.

Types of Data We Process and Purpose of Processing

We process several categories of personal data in several different situations.

If you contact us through the Website using the existing contact form with an inquiry about our services or want to send us your opinion or another message regarding our business, we collect your name, surname, business email, and the name of the company you work for, so that we can respond to your inquiry as accurately as possible.

If you register for webinars that we organize through the Zoom application, we will collect your name, surname, email, and company so that we can conduct the webinar, send you professional materials, and the like. For all details regarding how the Zoom application processes personal data, we kindly ask you to familiarize yourself with their privacy policy.

If your employer collaborates with us, we will process data such as your contact information and job position to establish a business relationship, provide, and charge for our Services. We may retain a minimum of your contact information even after the end of the business collaboration with your employer, to occasionally inform you by email about our offers and benefits related to the Services, for which we have a legitimate interest. In such a case, you can always request that we stop processing your data for direct marketing purposes by clicking on the ‘Unsubscribe’ link, after which we will stop contacting you.

If you attend our company events, you may be photographed, for which you will receive a separate prior notification upon arrival at the event. We have a legitimate interest in publishing photos from our public events on the Website or our social media profiles to inform the public about the purpose of the specific event. At any time, you can request that we remove your published photo from our Website or social media by contacting us at kontaktlice.gdpr@mainstream.eu, and we will do so if the legal conditions are met.

If you physically visit our business premises, for security reasons, we keep a record of entries into our premises, and in such cases, we will collect your name, surname, ID number, and the company you come from.

If you apply for a job with us, we will collect your CV to conduct the recruitment process and hire the appropriate candidate. If you are not selected for the position, we will stop processing your data unless we believe your profile may be suitable for a future position. Only in that case do we have a legitimate interest in retaining your CV and contacting you in the future.

Purpose of Processing and Legal Basis

We process your data that we collect to establish cooperation with our clients (your employer) and charge for the Services we provide based on the conclusion or execution of a contract.

If we continue to retain your contact information after the end of cooperation with our clients, we do so based on legitimate interest, to send you notifications about our Services that we reasonably believe may interest the organization you work for.

We can also process photographs of you taken at our public business events based on legitimate interest. Or, based on legitimate interest, we can retain the CV you sent when applying for a job at our company if we believe you are a profile we may engage in the future.

We have a legitimate interest in keeping records of external visitors to our business premises for security reasons.

We process your data when you contact us to establish potential business cooperation based on the conclusion and execution of a contract. If you contact us to express your opinion, we process your data based on legitimate interest.

If we process your data based on consent, you can withdraw your consent at any time.

With Whom Do We Share Your Data?

We may share your data exclusively with partners who help us or enable us to provide the Services (partners who own the appropriate IT infrastructure we use to provide the Services, or enable the payment for the Services, or online services that facilitate data processing). We have ensured that such partners, as our processors, sub-processors, or joint controllers, are contractually obligated to have access only to the necessary data and to take the necessary technical and organizational measures to ensure the security of such data in accordance with the law.

Protection of Data Integrity

We ensure that your data is secure. In this regard, we have implemented appropriate technical and organizational measures to protect your personal data from unauthorized processing and accidental loss, damage, or destruction. For example, we protect the integrity of your data by ensuring that only certain individuals within our organization have access to the data and by using appropriate passwords that are regularly changed.

How Long Do We Retain Your Data?

We collect and retain your personal data only as long as there is an objective business need, after which we delete them and stop processing them.

For example, data collected through the contact form on the website is retained for a maximum of one year, and the data collected when you register for our webinar is also retained for one year.

Contact data of employees of our clients is retained as long as there is business cooperation and until the necessary legal deadlines after the termination of such cooperation expire.

If you are not hired for the job you applied for at our company and we believe you are a candidate who may be interesting for employment in a similar position, we will retain your CV for another year, after which we will delete it.

If you attended our company events and were photographed, we retain these photos for one year, after which we delete them.

If you physically visit our business premises and we collect data for entry and arrival records, we retain these data for one year, after which we delete them.

Data Transfer

We do not transfer your data outside the territory of the Republic of Serbia.

Your Rights Regarding Personal Data

You have the following rights regarding the processing of your personal data:

  • If you want us to provide you with a copy of your personal data that we process, you can contact us with a request for such a copy
  • If you believe that your personal data that we process is incorrect or incomplete, you can contact us with a request for correction or completion of such data
  • If you want access to and insight into your personal data, you can contact us with a request for access and insight
  • If you want to restrict the processing of your personal data or want us to delete and stop processing them, you can contact us with an appropriate request, and we will comply with it in accordance with the law
  • In cases where we process your data based on consent, you can withdraw your consent at any time, upon which we will stop such processing.
  • If you no longer wish to receive emails informing you about various benefits related to our Services, you can unsubscribe by clicking on the ‘Unsubscribe’ link at the bottom of each email.
  • You have the right to request that the personal data you have provided to us be received in a structured, commonly used, and machine-readable format, and the right to transfer this data to another controller without hindrance, in accordance with the law
  • If you believe it is justified, you have the right to object to the processing necessary to achieve our legitimate interests at any time, and we will stop such processing if there are legal reasons for it
  • You have the right to object to the processing of your personal data for direct marketing purposes at any time, including profiling.
  • If the processing of your personal data is carried out automatically, you have the right to human intervention, to express your views on a decision made solely on the basis of automated processing, or to contest such a decision, in accordance with the law.

You can exercise the above rights by contacting us via email: kontaktlice.gdpr@mainstream.eu

Supervisory Authority

The supervisory authority for personal data protection is the Commissioner for Information of Public Importance and Personal Data Protection of the Republic of Serbia, to whom you can also file a complaint in accordance with the law.

You can contact the authority at the address Bulevar kralja Aleksandra 15, 11000 Belgrade, Republic of Serbia, by email at office@poverenik.rs or by phone at +381 11 3408 900.

Changes and Amendments to the Privacy Policy

If we decide to change the Privacy Policy, we will post all changes on this page. If the new changes to the Privacy Policy entail new ways of processing your personal data for which, in accordance with the law, your consent is required, we will subsequently seek such consent from you.

Information about Albacross’ processing of your personal data

We inform you regarding the processing of personal data on behalf of Albacross Nordic AB (“Albacross”)

Information collected from cookies set in your device that qualify as personal data will be processed by Albacross, a platform offering visitor identification and ad targeting services with offices in Stockholm and Krakow. Please see below for full contact details.

The purpose for the processing of the personal data is that it enables Albacross to improve a service rendered to us and our website (e.g “Intent” service), by adding data to their database about companies. The Albacross database will in addition to “Intent Data” be used for targeted advertising purposes towards companies and for this purpose data will be transferred to third-party data service providers. For the purpose of clarity, targeted advertising regards companies, not towards individuals.

The data that is collected and used by Albacross to achieve this purpose is information about the IP address from which you visited our website and technical information that enables Albacross to tell apart different visitors from the same IP address. Albacross stores the domain from form input in order to correlate the IP address with your employer.

For full information about our processing of personal data, please see Albacross’ Privacy Policy.

Albacross Nordic AB
Companyreg. no 556942-7338
Tegelbacken 4A
111 52 Stockholm, Sweden
www.albacross.com – contact@albacross.com