Imprint

Zeneli Bygg
c/o Zeneli
Artilerigatan 18 1002
752 37 Uppsala
Sweden

Represented by:
Elton Zeneli
(founder, owner, CEO)

Commercial Register: Bolagsverket (Swedish Companies Registration Office)

Contact Information

Zeneli Bygg
Artilerigatan 18
75237 Uppsala

Phone: +46 076 297 35 94
Email: eltonzeneli63@gmail.com

Privacy Policy

1. An overview of data protection

General information
The following information will provide you with an easy to navigate overview of what will happen with your personal data when you visit this website. The term “personal data” comprises all data that can be used to personally identify you. For detailed information about the subject matter of data protection, please consult our Data Protection Declaration, which we have included beneath this copy.

Data recording on this website

Who is the responsible party for the recording of data on this website (i.e., the “controller”)? The data on this website is processed by the operator of the website, whose contact information is available under section “Information about the responsible party (referred to as the “controller” in the GDPR)” in this Privacy Policy.

How do we record your data?

We collect your data as a result of your sharing of your data with us. This may, for instance be information you enter into our contact form. Other data shall be recorded by our IT systems automatically or after you consent to its recording during your website visit. This data comprises primarily technical information (e.g., web browser, operating system, or time the site was accessed). This information is recorded automatically when you access this website.

What are the purposes we use your data for?
A portion of the information is generated to guarantee the error free provision of the website. Other data may be used to analyze your user patterns.

What rights do you have as far as your information is concerned?
You have the right to receive information about the source, recipients, and purposes of your archived personal data at any time without having to pay a fee for such disclosures. You also have the right to demand that your data are rectified or eradicated. If you have consented to data processing, you have the option to revoke this consent at any time, which shall affect all future data processing. Moreover, you have the right to demand that the processing of your data be restricted under certain circumstances. Furthermore, you have the right to log a complaint with the competent supervising agency. Please do not hesitate to contact us at any time if you have questions about this or any other data protection related issues. Analysis tools and tools provided by third parties There is a possibility that your browsing patterns will be statistically analyzed when your visit this website. Such analyses are performed primarily with what we refer to as analysis programs. For detailed information about these analysis programs please consult our Data Protection Declaration below.

2. Hosting
We are hosting the content of our website at the following provider:

Company Name: Webador / JouwWeb B.V.
Address: Torenallee 20, 5617 BC Eindhoven, NETHERLANDS
Contact Options:
Email via a contact form
Phone: +31(0)40-3031360
Website: www.webador.de

Webador is a tool for creating and hosting websites. When you visit our website, Webador analyses user behavior, visitor sources, region of website visitors and visitor numbers. The Webador stores cookies on your browser, which are necessary for the presentation of the website and to ensure security (necessary cookies).

Date recorded via Webador may be stored on a variety of servers around the globe. Among other locations, Webador servers are also located in the Netherlands.

The following outlines the terms under which JouwWeb B.V. processes personal data on behalf of its clients and is an integral part of their general terms and conditions.

Article 1. Purpose of Processing
The Processor agrees to process personal data on behalf of the Controller primarily for services provided via the Webador website, including hosting, managing websites/webshops, processing orders/payments, cloud data storage, email hosting, and related online services.

The Controller must inform the Processor of any processing purposes not explicitly mentioned. The Processor can use personal data for quality purposes (e.g., scientific or statistical research). Personal data remains the property of the Controller and/or the data subjects.

Article 2. Obligations of the Processor
The Processor guarantees compliance with applicable laws and regulations, especially those related to personal data protection, such as the General Data Protection Regulation (GDPR).

The Processor will inform the Controller of measures taken to fulfill its obligations under this agreement upon request. The Processor's obligations extend to anyone processing personal data under its authority (e.g., employees). The Processor must immediately inform the Controller if any instruction from the Controller contradicts legal provisions. The Processor will assist the Controller with Data Protection Impact Assessments (PIAs) where possible. The Processor maintains a record of all processing activities carried out for the Controller, in accordance with Article 30 of the GDPR, and will provide access to this record upon request.

Article 3: Transfer of Personal Data
Personal data can be processed within the European Union. Data can also be transferred outside the EU if the destination country ensures an adequate level of protection and complies with other obligations of this agreement and data protection laws.

Article 4. Assignment of Responsibility
The Processor provides ICT resources for the Controller's use. The Processor only performs processing based on separate agreements. The Processor is solely responsible for processing personal data under this agreement, following the Controller's instructions and under the Controller's explicit responsibility. The Processor is not responsible for other data processing, such as data collection by the Controller, processing for uncommunicated purposes, or processing by third parties. The Controller guarantees that the content, use, and instruction for processing personal data are lawful and do not infringe on third-party rights.

Article 5. Engagement of Third Parties or Sub-processors
The Controller authorizes the Processor to engage third parties for processing personal data, provided they comply with applicable data protection laws. These third parties must assume at least the same obligations as agreed upon between the Controller and the Processor. The Processor guarantees the correct fulfillment of obligations by these third parties and is liable for their errors as if committed by itself.

Article 6. Security
The Processor aims to implement appropriate technical and organizational measures against loss or unlawful processing (e.g., unauthorized access, alteration, disclosure) of personal data. The Processor does not guarantee security under all circumstances. If security measures are not explicitly described, the Processor will strive for a security level that is not unreasonable considering the state of the art, data sensitivity, and implementation costs. The Controller should only provide personal data to the Processor after ensuring that necessary security measures have been taken and is responsible for complying with agreed measures.

Article 7. Notification Obligation (Data Breach)
The Controller is always responsible for reporting security and/or data breaches (any breach of personal data security with potential adverse consequences for data protection) to the supervisory authority and/or affected data subjects. To enable the Controller to meet this obligation, the Processor must notify the Controller of any security and/or data breach within a reasonable timeframe. Reports are required only for significant events and if the event has actually occurred. The reporting obligation includes the fact of the leak, its nature, categories of data subjects/data affected, contact details for more information, probable consequences, and proposed/taken remedial measures. In accordance with Article 33.5 GDPR, the Processor documents data breaches, including facts, consequences, and corrective actions.

Article 8. Handling of Data Subject Requests
If a data subject makes a request to exercise their legal rights (Articles 15-22 GDPR) to the Processor, the Processor will handle the request itself and inform the Controller about the processing of such a request. The Processor may charge the Controller for the costs of handling the request.

Article 9. Secrecy and Confidentiality
All personal data received by the Processor from the Controller, or collected under this agreement, is subject to a duty of confidentiality towards third parties. The Processor cannot use this information for any purpose other than that for which it was received, even if it's anonymized. This confidentiality obligation does not apply if the Controller has given explicit consent for disclosure, if disclosure is logically necessary for the assigned task, or if there is a legal obligation to disclose.

Article 10. Audit
The Controller is entitled to have independent, confidential third parties conduct audits to verify compliance with general data processing regulations, misuse of personal data by Processor employees, and related matters. Audits can occur with specific suspicion of data misuse. The Processor will cooperate with the audit and provide all relevant information, including supporting data (e.g., system logs) and access to employees, as promptly as possible. The Processor will evaluate audit findings and may implement them at its discretion. The Controller bears the costs of the audit.

Article 11. Liability
The liability of the parties for damages arising from a attributable shortcoming in fulfilling the Processor Agreement, or from an unlawful act, or otherwise, is governed by the liability rules set out in the Processor's General Terms and Conditions.

Article 12: Duration and Termination
This Data Processing Agreement becomes effective upon the Controller's acceptance and remains valid for the duration of the Processor's processing of the Controller's personal data. Upon termination of the agreement with the Processor, for any reason or in any form, the Processor will destroy the personal data received from the Controller within six months. The Processor has the right to revise this agreement periodically and must inform the Controller of changes. The Controller can terminate this agreement immediately if unable to agree to the changes.