Last updated October 5th 2023.
In this document “Protokol”, “Protokol.com”, “Protokol B.V.” or “we”, “our” or “us”, refers to Protokol B.V., registered in the Netherlands.
Our registered office address is:
For privacy-related inquiries, you may contact us via email at [email protected].
This policy is governed by the laws of the Netherlands and, where applicable, the General Data Protection Regulation (GDPR) of the European Union.
This privacy notice aims to inform you about how we collect and process any information that we collect from you, or that you provide to us. It covers information that could identify you (“personal information”) and information that could not. In the context of the law and this notice, “process” means collect, store, transfer, use or otherwise act on information. It tells you about your privacy rights and how the law protects you.
We undertake to preserve the confidentiality of all information you provide to us, and hope that you reciprocate.
General Data Protection Regulation (GDPR)
Our policy complies with the Data Protection Act 2018 (Act) accordingly incorporating the EU General Data Protection Regulation (GDPR).
The law requires us to tell you about your rights and our obligations to you in regards to the processing and control of your personal data. We do this now, by requesting that you read the information provided at: https://www.knowyourprivacyrights.org/
The GDPR extends certain rights to users of the Protokol website. Those rights are as follows:
- Right to be Informed – Protokol agrees to inform all users what data we are collecting and for what purposes.
- Right of Access – All users have a right to see what extent of their personal information is being held by Protokol.
- Right to Rectification – Users have the right to rectify any incorrect or amend any personal information being held by Protokol.
- Right to Erasure – Users can request to have their personal data erased or redacted under certain circumstances. Circumstances may include events such as: data is no longer being used for its intended purpose, or the personal data has been possessed unlawfully.
- Right to Restrict Processing – Users can request for data to be halted from being processed in the event that data is being amended or redacted.
- Right to Data Portability – Users can request any piece of personal data given to Protokol. Personal data will be supplied in a structured, commonly used, machine-readable format.
- Right to Object – Users have the ability to object to their data being processed if the data is being used in a manner that is inconsistent with the stated purpose for which it was collected.
- Rights in Relation to Automated Decision-making and Processing – Users have the right to object and not be subject to decisions based solely on automated processing
Except as set out in the third-party tools and cookies section below, we do not share, or sell, or disclose to a third party, any information collected through our website.
Data Protection Officer
We have appointed a data protection officer (DPO) who is responsible for ensuring that our policy is followed.
If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact our DPO at [email protected] or you can write to us at:
Data Protection Officer
Data Collection and use
We may collect, use, store and transfer different kinds of personal data about you. We have collated these into groups as follows:
Your identity includes information such as first name, Job title and other identifiers that you may have provided at some time.
Your contact information includes information such as email address, phone number or any other information you have given to us for the purpose of communication or meeting.
Technical data includes you internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
Marketing data includes your preferences in receiving marketing from us; communication preferences; responses and actions in relation to your use of our services.
We may aggregate anonymous data such as statistical or demographic data for any purpose. Anonymous data is data that does not identify you as an individual. Aggregated data may be derived from your personal data but is not considered personal information in law because it does not reveal your identity.
For example, we may aggregate profile data to assess interest in a product or service.
However, if we combine or connect aggregated data with your personal information so that it can identify you in any way, we treat the combined data as personal information and it will be used in accordance with this privacy notice.
Communicating with us
When you contact us through our website or by e-mail, we collect the data you have given to us in order to reply with the information you need. This includes providing information via email updates, or other communication channels.
We record your request and our reply in order to increase the efficiency of our business.
We keep personally identifiable information associated with your message, such as your name and email address so as to be able to track our communications with you to provide a high quality service.
The basis on which we process information about you:
The law requires us to determine under which of six defined bases we process different categories of your personal information, and to notify you of the basis for each category.
- To communicate with you to optimize our platform
- To provide our service
- These processing activities constitute our legitimate interests. We make sure we consider and balance any potential impacts on you (both positive and negative) and your rights before we process your personal information for our legitimate interests.
- We do not use your personal information for activities where our interests are overridden by any adverse impact on you (unless we have your consent or are otherwise required or permitted to by law).
- With your consent
- Where our use of your personal information is based upon your consent, you have the right to withdraw it anytime in the manner indicated in the Service or by contacting us at [email protected]
If a basis on which we process your personal information is no longer relevant then we shall immediately stop processing your data.
If the basis changes then if required by law we shall notify you of the change and of any new basis under which we have determined that we can continue to process your information.
We will only keep your personal data for as long as is necessary to provide applicable services/information to you however this could be a period of up to 8 years. After this period your personal data will be deleted from our records.
If you wish to be removed from our database you have the right to be forgotten. Once the request to be forgotten is received Protokol will remove all your details from our system within 4 working days.
Access to your personal data
To enquire about accessing your personal data, to update or rectify your data or to exercise your right to be forgotten/data removed, please contact our Data Protection Officer.
You can do so via email by contacting: [email protected]
Unsubscribe from Communications
You may unsubscribe or opt-out of our services at any time. Where we collect your personal data, via web form we provide you with the means to opt-out by indicating in a check-box on the form.
For email communications, your individual contact preferences and ability to unsubscribe can be accessed via the footer of marketing emails sent to you by Protokol. Simply click the “Unsubscribe” link, or send an email to [email protected] with your request.
Protokol uses a number of different cookies on our site. If you do not know what cookies are, or how to control or delete them, then we recommend you visit https://www.aboutcookies.org/ for detailed guidance.
Cookies set by us
_hash – these cookies are set to allow us to identify the status of a user on our website and are generally used across the web for things such as log-in routines and shopping baskets. This cookie expires within a month.
PHPSESSID – this cookie stores the identifier for your current session in PHP. It is removed at the end of your session.
CSRF token – Cross-Site Request Forgery (CSRF) is an attack that forces a user to perform unwanted actions on a website (for example your data could be hijacked and used to perform tasks). This cookie is required to protect users from a CSRF attack and allows us to mask your data.
Cookies set by our Third Party Tools
_ga/_gat/_gid – These cookies are utilized by Google Analytics to collect data on how visitors interact with our site. Specifically, the _ga cookie is used to distinguish users and expires after 2 years, the _gat cookie is used to throttle the request rate on high traffic sites and expires after 1 minute, and the _gid cookie is used to distinguish users and expires after 24 hours. The information collected includes the number of visitors to the site, where visitors have come from geographically, the pages they have visited, as well as the devices and browsers the visitor is using, all in an anonymous form.
__hstc, __hssrc, __hssc, and hubspotutk – these cookies are used by HubSpot to collect information about how visitors use our site. The cookies collect information which includes: the number of visits, the time of the first visit, the previous visit, and the current visit, alongside a session counter that’s updated with each subsequent session via __hstc. The __hssrc cookie is used to determine if the visitor has restarted their browser. The __hssc cookie keeps track of sessions and updates the session number and timestamps in the __hstc cookie accordingly. The hubspotutk cookie tracks a visitor’s identity and is passed to HubSpot upon form submission, aiding in deduplicating contacts and understanding user engagement over time.
_hjIncludedInSample, _hjTLDTest, _hjid, and _hjFirstSeen – these cookies are used by Hotjar to collect information on how visitors interact with our site. The cookies collect information in an anonymous form, including the number of visitors to the site, the pages they have visited, and the actions they have performed (like clicks, scroll behavior, and form submissions). The _hjIncludedInSample cookie is used to let Hotjar know whether a visitor is included in the data sampling defined by the site’s pageview limit. The _hjTLDTest cookie detects the most generic cookie path to use instead of the page hostname. The _hjid cookie stores a unique user identifier, enabling tracking of the user over subsequent visits, while the _hjFirstSeen cookie identifies a new user’s first session on the website, indicating whether or not they are a returning visitor.
Third Party tools we utilise for site analytics and performance
Protokol uses a web analytics tool to analyse site usage, how our users arrive at our site, what they do on the site, what browser they are using and on what operating system.
We use Google Analytics to help us understand how the site is being used in order to improve the user experience.
You can find out more about Google’s position on privacy as regards its analytics service at https://www.google.com/policies/privacy/partners
On Protokol’s website (this site) we use HubSpot for our online marketing activities. HubSport is a software company from the USA with branch office in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Telephone: +353 1 5187500.
This is an integrated software solution that we use to cover different aspects of our online marketing. This includes, among others:
- Email marketing (newsletter, together with automated mailings, e.g., for provision of downloads), social media publishing & reporting, reporting (e.g., traffic sources, accesses, etc. …), contact management (e.g., user segmentation & CRM), landing pages and contact forms.
- Our registration service enables visitors to our website to find out more about our company, to download contents and to provide their contact information, together with further demographic information. This information, together with the contents of our website are stored on the servers of our software partner HubSpot. We can use it to make contact with visitors to our website and to determine which of our company’s services are interesting for them.
The legal basis for the use of HubSpot’s services is article 6 (1) f) GDPR – justified interest. Our justified interest in the use of this service is the optimization of our marketing measures and the improvement of our service quality on the website.
HubSpot is certified under the conditions of the “EU – U.S. Privacy Shield Framework” and it is subject to TRUSTe’s Privacy Seal, as well as the “U.S. – Swiss Safe Harbor” Framework.
- More information on HubSpot’s data privacy provisions
- More information on the cookies used by HubSpot can be found here & here
To remove your data from Protokol’s HubSpot database, you can do so by sending a request to our Data Protection Officer via this email address: [email protected] or by writing to us at our registered address shown at the top of the page.
Protokol use the user insight tool, Hotjar. Hotjar enables us to better understand our users’ needs and to optimize our service and customer experience based on this insight. Hotjar provides data related to users experience (e.g. how much time users spend on site, on which pages they spend their time, which links users choose to click, and what users engage with most etc.) and this enables us to build and maintain our website with user feedback in mind.
For more information and more about Hotjar’s data processing, please visit: https://www.hotjar.com/legal/compliance/gdpr-commitment/
Data Sharing with Third Parties
Protokol will not transfer your personal information to third parties for the purpose of providing or facilitating third-party advertising to you. We will also reject any offer to sell your personal information to a third party vendor for the purposes of advertising.
If Protokol intends to share your information in response and compliance to the legal process, Protokol will provide you with notice so you can challenge it (for example by seeking court intervention), unless we’re prohibited by law or believe doing so may endanger others. Protokol will not divulge user information to legal solicitations that are deemed to be improper.
California Privacy Rights
Notice concerning Do Not Track. Do Not Track (DNT) is a privacy preference that users can set in certain web browsers. We are commited to providing you with meaningful choices about the information collected on our website for third party purposes, and that is why we provide the variety of opt-out mechanisms listed above. However, we do not currently recognize or respond to browser-initiated DNT signals.
Changes to this Policy
Protokol may periodically update this Policy. We encourage you to periodically review this page for the latest information on our privacy practices. We will notify you about significant changes to it by highlighting any changes in the most recent version of the policy. The most current version of the policy will always be here and former versions of the policy can be acquired by sending a request to [email protected]. This policy was last updated on October 5th 2023.