PRIVACY AND DATA PROTECTION POLICY
Effective Date: January 1, 2025
Controller: Progtag
Website: www.progtag.com
Contact: info@progtag.com
1. Introduction and Legal Commitment
Progtag (“Progtag”, “we”, “us”, or “our”) is committed to the lawful, fair, and transparent processing of personal data in accordance with applicable data protection legislation.
This Privacy and Data Protection Policy (the “Policy”) outlines the manner in which personal data is collected, processed, stored, and protected in connection with the operation of www.progtag.com (the “Website”) and related business activities.
Progtag processes personal data in compliance with:
- Regulation (EU) 2016/679 (General Data Protection Regulation – “GDPR”),
- applicable national data protection laws, and
- other relevant international data protection standards, where applicable.
The Website operates exclusively as a business-to-business (B2B) informational platform.
2. Scope of Application
This Policy applies to personal data processed by Progtag in connection with:
- business inquiries and communications,
- quotation requests and pre-contractual negotiations,
- contractual performance,
- administrative and regulatory compliance obligations,
- and technical operation of the Website.
Progtag does not operate an online consumer storefront, does not process consumer transactions, and does not collect payment card information.
3. Categories of Personal Data Processed
Depending on the nature of the business interaction, Progtag may process the following categories of personal data:
3.1 Business Contact Data
- Full name
- Company name
- Job title or position
- Business email address
- Business telephone number
3.2 Contractual and Administrative Data
- Billing information
- Company registration or tax identification numbers (where applicable)
- Contractual documentation
3.3 Technical and Usage Data
- IP address
- Browser type and version
- Device information
- Access timestamps
- Log data necessary for security and system integrity
Progtag does not intentionally collect or process special categories of personal data as defined under Article 9 GDPR.
4. Legal Basis for Processing
Personal data is processed strictly for specified, explicit, and legitimate purposes.
4.1 Pre-Contractual Measures
Legal basis: Article 6(1)(b) GDPR
Processing necessary in order to take steps at the request of the data subject prior to entering into a contract.
4.2 Contractual Performance
Legal basis: Article 6(1)(b) GDPR
Processing necessary for the performance of a contract to which the data subject is party.
4.3 Legal and Regulatory Compliance
Legal basis: Article 6(1)(c) GDPR
Processing necessary for compliance with legal obligations, including accounting and tax requirements.
4.4 Legitimate Interests
Legal basis: Article 6(1)(f) GDPR
Processing necessary for legitimate interests pursued by Progtag, including:
- IT security,
- fraud prevention,
- system monitoring,
- internal administrative purposes.
Where processing is based on legitimate interests, Progtag ensures that such interests are not overridden by the rights and freedoms of the data subject.
5. International Data Transfers
Given the global nature of Progtag’s operations, personal data may be transferred outside the European Economic Area (EEA).
Where such transfers occur, Progtag ensures appropriate safeguards, including but not limited to:
- Adequacy Decisions adopted by the European Commission,
- Standard Contractual Clauses (SCCs),
- or other lawful transfer mechanisms under applicable law.
6. Data Retention
Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected, including:
- duration of the business relationship,
- contractual performance period,
- statutory retention obligations.
Accounting and contractual documentation is retained in accordance with applicable legal requirements (generally up to eight years, subject to jurisdictional variation).
Upon expiration of the applicable retention period, personal data is securely deleted or anonymized.
7. Data Security Measures
Progtag implements appropriate technical and organizational measures to safeguard personal data against unauthorized access, alteration, disclosure, destruction, or loss.
Such measures include:
- SSL encryption,
- role-based access controls,
- password-protected systems,
- regular security updates and monitoring,
- internal data protection protocols,
- incident response procedures.
Security measures are reviewed and updated in accordance with industry standards and technological developments.
8. Rights of Data Subjects
Data subjects have the following rights under applicable data protection law:
- Right of access
- Right to rectification
- Right to erasure
- Right to restriction of processing
- Right to object
- Right to data portability
Requests may be submitted via email to:
info@progtag.com
Progtag will respond without undue delay and in any event within one month of receipt of the request.
If a data subject believes that personal data has been processed unlawfully, a complaint may be lodged with the competent supervisory authority.
9. Limitation of Responsibility
Progtag shall not be responsible for data processing activities conducted independently by third parties, including:
- external service providers,
- logistics partners,
- or third-party websites accessible through external links.
Progtag is not liable for inaccuracies in personal data provided by the data subject.
10. Third-Party Processors
Progtag may engage third-party service providers, including but not limited to:
- accounting firms,
- legal advisors,
- IT service providers,
- logistics partners.
Such processors are contractually bound to process personal data solely in accordance with Progtag’s instructions and applicable data protection laws.
11. Amendments
Progtag reserves the right to amend this Policy at its sole discretion.
Amendments shall become effective upon publication on the Website.
Continued use of the Website constitutes acceptance of the Policy as amended.