In this Privacy Policy, we explain how we process your personal data when you visit the website www.mainstream.eu (“Website”) and contact us with an inquiry through the Website, when your employer decides to collaborate with us, and in other situations that will be explained in more detail below.
Personal data is any data related to an identifiable or identified natural person, directly or indirectly. For example, this can be your name, address, email address, bank account number, phone number, and many others.
In case the Website contains links to other websites or services, please acquaint yourself with the separate privacy policies of such websites or services.
We are the company Mainstream d.o.o. Belgrade, with headquarters at Nušićeva 15, 11 000 Belgrade (“Mainstream” or “we”), and we are the data controller for your personal data. This means that we, as the data controller, determine the purpose and manner of processing your personal data. If you have questions regarding your personal data that we process, you can contact us at the email address: kontaktlice.gdpr@mainstream.rs.
Mainstream is a company that offers hosting, cloud, and other IT support services to companies (“Services”). To provide the Services, we process certain data of our clients as data processors, but only in accordance with their instructions and on their behalf. Where we process data of our clients for the purpose of providing the Services as data processors, we have concluded the necessary data processing agreements in accordance with the law and taken appropriate technical and organizational measures to maintain the integrity of the data we process. Since, in relation to the data of our clients that we process in the course of providing the Services, we act as data processors, please acquaint yourself with the separate privacy policies of such entities as data controllers.
We process several categories of personal data in various situations.
If you contact us through the Website using the existing contact form with an inquiry about our services or wish to send us your opinion or another message related to our business, we collect your name, surname, business email, and the name of the company where you work so that we can provide you with a more accurate response to your inquiry.
If you register for webinars that we organize through the Zoom application, we will collect your name, surname, email, and company information to conduct the webinar, send you expert materials, and the like. For all details regarding how the Zoom application processes personal data, please review their privacy policy.
If your employer collaborates with us in a business capacity, we will process data such as your contact information and job position to establish a business relationship, provide and bill our Services. We may retain a minimum of your contact data even after the termination of the business collaboration with your employer to occasionally inform you via email about our offers and advantages related to the Services, for which we have a legitimate interest. In such cases, you can always request that we cease processing your data for direct marketing by clicking the “Unsubscribe” link, after which we will stop contacting you.
In the event that you attend our company events, you may be photographed, and you will receive prior notice when you arrive at the event. We have a legitimate interest in publishing photographs from our public events on the Website or on our social media profiles to inform the public about the purpose of the specific event. At any time, you can request that we remove your published photo from our Website or social media by contacting us at the email address kontaktlice.gdpr@mainstream.rs if legal conditions are met.
If you physically visit our business premises, we maintain an entry and exit record for security reasons, and in that case, we will collect your name, surname, ID card number, and the company you are coming from.
If you apply for a job with us, we will collect your CV to complete the recruitment process and hire a suitable candidate. If you are not selected for the position, we will stop processing your data unless we believe that your profile may be suitable for a future position. Only in that case, we have a legitimate interest in retaining your CV and contacting you in the future.
We process your data that we collect to establish collaboration with our clients (your employer) and bill the Services we provide based on the conclusion or execution of contracts.
If we continue to keep your contact information after the termination of collaboration with our clients, we do so based on a legitimate interest to send you information about our Services, which we believe may be of interest to the organization where you work.
Based on a legitimate interest, we may also process photographs in which you are included, taken at our public business events. Or, based on a legitimate interest, we may keep the CV you sent us when applying for a job in our company if we believe that you are a profile of a person we can engage in the future.
We have a legitimate interest in maintaining records of external visitors to our business premises for security reasons.
Your data, if you contact us to establish potential business collaboration, is processed based on the conclusion and execution of contracts. If you contact us to express your opinion, we process your data based on a legitimate interest.
If we process your data based on consent, you can withdraw your consent at any time.
We may only share your data with partners who help us or enable us to provide the Services (partners who have the necessary IT infrastructure to provide the Services, enable the payment of the Services, or online services that facilitate data processing). We have ensured that such partners, as our data processors, sub-processors, or joint controllers, are contractually obligated to access only the necessary data and take the necessary technical and organizational measures to ensure the security of such data in accordance with the law.
We take measures to ensure that your data is secure. In this regard, we have implemented appropriate technical and organizational measures to protect your personal data from unauthorized processing and from accidental loss, damage, or destruction. For example, we protect the integrity of your data by allowing only specific individuals in our organization to access the data, and we use appropriate passwords that are regularly changed.
We collect and retain your personal data only as long as there is an objective business need, after which we delete it and cease processing.
For example, we retain data collected via the contact form on the website for a maximum of one year, and we also keep data collected when you register for our webinar for one year.
We keep contact person data of employees of our clients for as long as the business collaboration exists and until necessary legal deadlines after the termination of such collaboration.
If you have not been selected for a job you applied for in our company, and we believe that you are a potential candidate for a similar position in the future, we will keep your CV for one year, after which we delete it.
If you attended our company events and were photographed, we keep those photos for one year, after which we delete them.
If you physically visit our business premises, and we collect entry and exit data from you, we keep that data for one year, after which we delete it.
We do not transfer your data outside the territory of the European Union.
You have the following rights regarding the processing of your personal data:
You can exercise the above-mentioned rights by contacting us via email: kontaktlice.gdpr@mainstream.rs
The supervisory authority for personal data protection is the Commissioner for Information of Public Importance and Personal Data Protection of the Republic of Serbia, to whom you can also submit a complaint in accordance with the law.
You can contact the authority at the following address: Bulevar kralja Aleksandra 15, 11000 Belgrade, Republic of Serbia, by email at office@poverenik.rs, or by phone at +381 11 3408 900.
If we decide to change the Privacy Policy, we will post all changes on this page. In the event that new changes to the Privacy Policy require new methods of processing your personal data for which, in accordance with the law, your consent is required, we will subsequently request such consent from you.