terms

Terms of Service

1. Introduction and Acceptance of Terms

Welcome to the Surg Solutions website (the “Site”) operated by Nova Constance s.r.o. (“Company,” “we,” or “us”). Nova Constance s.r.o. is a Czech company (Company ID IČO 22042563), registered at Sídlištní 245/18a, Lysolaje, 165 00 Praha 6, Czech Republic. These Terms of Service (“Terms”) govern your access to and use of our Site and services worldwide, including in the EU and USA. By accessing or using the Site, you agree to be bound by these Terms and all applicable laws and regulations. If you do not agree with any part of these Terms, do not use our Site or services. Please also review our Privacy Policy and Cookie Policy, which explain how we collect and manage your information and cookies; those policies are incorporated by reference into these Terms.

Eligibility: You must be at least 18 years old (or the age of majority in your jurisdiction) to use our Site. By using the Site, you represent that you are of legal age and have the capacity to enter into binding agreements. If you are using the Site on behalf of a company or other entity, you warrant that you have authority to bind that entity to these Terms. The Site is not intended for children or minors.

2. Changes to Terms

We reserve the right to modify or update these Terms at any time. Any changes will be effective once posted on this page with an updated “Last Updated” date. It is your responsibility to review these Terms periodically for updates. Continued use of the Site after any modifications constitutes acceptance of the revised Terms. If we make material changes, we may provide a prominent notice (e.g. on our homepage or via email if you have provided one) of such changes. If you do not agree to the amended Terms, you should stop using the Site.

3. Permitted Use of the Site

You may use our Site and services for your personal or internal business purposes, such as learning about our tech/data/AI consulting services and contacting us for information. We grant you a limited, non-exclusive, non-transferable license to access and use the Site in accordance with these Terms. All use must be lawful and in compliance with these Terms. You agree to use the Site only for its intended purpose and not to abuse any features. No ownership rights are transferred to you by accessing the Site; all rights not expressly granted are reserved by the Company.

4. Prohibited Conduct

When using our Site, you agree not to:

Violations of Law: Use the Site for any unlawful, fraudulent, or malicious purpose, or in any manner that violates any applicable law or regulation.
Interference: Disrupt, interfere with, or compromise the integrity or security of the Site or our systems. This includes not introducing viruses, malware, or any code harmful to the Site’s operation.
Unauthorized Access: Attempt to gain unauthorized access to any portion of the Site, other user accounts, or any networks or systems connected to the Site (such as by hacking, password “mining,” or any other illegitimate means).
Data Scraping: Extract, scrape, “crawl,” or harvest data from the Site without our prior written consent. Automated queries or bots to collect content or information from the Site are prohibited.
Intellectual Property Misuse: Copy, reproduce, modify, or distribute any content from the Site (except as permitted under Section 5 below regarding Intellectual Property) without our express authorization.
Impersonation or Misrepresentation: Impersonate any person or entity, or misrepresent your affiliation with any person or entity when using the contact form or any interactive feature (if applicable).
Spam or Malicious Content: Transmit any unsolicited or unauthorized advertising or promotional materials (e.g. “junk mail,” “spam,” “chain letters”) or any content that is defamatory, obscene, harassing, or otherwise objectionable.

Violation of the above rules may result in termination of your right to use the Site (see Section 12 on Termination) and could expose you to civil or criminal liability under applicable law. We reserve the right to monitor use of the Site and to investigate and take action against any misuse.

5. User Accounts (Future Feature Placeholder)

This section is a placeholder for potential future features. In the future, we may offer user accounts on the Site to access additional services or features. If account registration becomes available, users will be required to provide accurate, current information during signup and keep that information updated. You would be responsible for maintaining the confidentiality of your login credentials and for all activities under your account. Do not share your account credentials with others. If you suspect unauthorized use of your account, you should notify us immediately. We may impose rules regarding usernames, passwords, and account use, which will be detailed when accounts are introduced. Note: This section will be updated once user accounts are launched, and additional terms may apply at that time.

6. Subscriptions and Paid Services (Future Feature Placeholder)

This section is a placeholder for potential future subscription offerings. In the event that subscription-based services or paid offerings are introduced by Surg Solutions, the following general terms would apply (subject to further detailed terms at launch): You may be required to agree to a subscription agreement, pay fees, and provide billing information to access certain premium content or services. Subscription billing cycles (e.g. monthly or annually) and cancellation policies will be clearly communicated. You would have the right to cancel a subscription as provided by the specific plan terms (with potential pro-rata refunds if required by law or specified in the plan). We reserve the right to change fees or introduce new charges, but will give subscribers notice and an opportunity to cancel if they do not agree. Note: No subscription services are currently offered; this section will be revised with concrete details if and when such services become available.

7. Intellectual Property Rights

All content and materials on the Site, including but not limited to text, graphics, logos, icons, images, audio clips, video, software code, and design (“Site Content”), are the property of Nova Constance s.r.o. or our licensors and are protected by copyright, trademark, and other intellectual property laws. This includes the Surg Solutions name, logo, and all related product or service names and slogans. You are not granted any ownership of any intellectual property rights by using the Site.

Permitted Use of Content: You may view, download, and print Site Content for your personal use or internal business use to learn about our services. However, you must not remove or alter any copyright, trademark, or other proprietary notices. Any reproduction or distribution of Site Content beyond personal use requires our prior written permission. If you share content from our Site (where sharing features are available), you must credit us appropriately.

Restrictions: You may not copy, reproduce, distribute, publicly display, or create derivative works from any Site Content without express authorization. Using any of our trademarks (including “Surg Solutions”) in meta tags or other “hidden text” is prohibited without our consent. Unauthorized use of our intellectual property may result in termination of your access to the Site (Section 12) and potential legal action.

8. Third-Party Links and Resources

Our Site may contain links to third-party websites or resources for your convenience (for example, links to articles, partner websites, or open-source resources). These links do not signify an endorsement of the third-party site or its content. We have no control over third-party websites and assume no responsibility for the content, privacy policies, terms, or practices of any third-party sites. If you access any third-party website via links on our Site, you do so entirely at your own risk.

We recommend you review the terms and policies of any third-party site you visit. Any interactions or transactions between you and third-party sites are solely between you and that third party, and we shall not be liable for any loss or damage arising from such dealings.

9. Disclaimer of Warranties

Use at Your Own Risk: The Site and all Site Content are provided on an “as is” and “as available” basis. To the fullest extent permitted by law, we disclaim all warranties, express or implied, regarding the Site, Site Content, and services. This includes, but is not limited to, implied warranties of merchantability, fitness for a particular purpose, title, and non-infringementanywhere.legal. We do not guarantee that the Site will be uninterrupted, error-free, secure, or free of viruses or other harmful components.

Informational Content: Any material or information on our Site (such as blog posts, articles, or case studies) is for general informational purposes only and does not constitute professional advice. While we strive to keep information up to date and accurate, we do not warrant the completeness, reliability, or accuracy of any content on the Site. You acknowledge that any reliance on such information is at your own discretion and risk.

No Warranty for Third-Party Services: If our Site integrates or links to any third-party tools or services (for example, analytics, contact form processors, etc.), we make no warranties regarding those third-party services. Any third-party software or service is the responsibility of the respective providers, and we are not liable for their performance.

Some jurisdictions do not allow the exclusion of certain warranties. If those laws apply to you, some of the above disclaimers may not apply, and you may have additional rights. In such cases, our warranties are limited to the minimum legally required.

10. Limitation of Liability

To the maximum extent permitted by applicable law, Nova Constance s.r.o. and its owners, officers, employees, or agents shall not be liable for any indirect, incidental, special, consequential, exemplary, or punitive damages whatsoever, including but not limited to damages for lost profits, lost revenue, loss of data, business interruption, or other intangible losses, arising out of or related to your use of (or inability to use) the Site or servicesanywhere.legal. This limitation applies even if we have been advised of the possibility of such damages.

In jurisdictions that do not allow the exclusion or limitation of liability for consequential or incidental damages, our liability is limited to the greatest extent permitted by law. In any event, our total cumulative liability for any claims arising from or related to the Site or these Terms shall not exceed the amount (if any) you paid to us for services on the Site or EUR 100, whichever is greater.

No Liability for User Conduct or External Events: We are not responsible for the actions of other users or third parties, or for any content posted by third parties to our Site. You assume all risks associated with your interactions through the Site. Additionally, we shall not be liable for any delay or failure in performance resulting from events beyond our reasonable control (force majeure), such as internet outages, natural disasters, war, or acts of government.

Consumer Rights Notice: If you are a consumer residing in a jurisdiction with laws that provide you certain rights (for example, EU consumer protection laws), nothing in these Terms is intended to limit or exclude any mandatory consumer rights you are entitled to under such laws. Specifically, we do not seek to exclude liability for personal injury or death caused by our negligence, or for our fraudulent misrepresentation, or any other liability that cannot be excluded by law.

11. Indemnification

You agree to indemnify, defend, and hold harmless Nova Constance s.r.o. (including our affiliates, officers, directors, employees, consultants, and agents) from and against any and all claims, liabilities, damages, losses, and expenses (including reasonable legal fees) that arise from or relate to: (a) your use or misuse of the Site or services; (b) your violation of these Terms; (c) your violation of any rights of a third party (such as intellectual property or privacy rights); or (d) any content you submit or transmit through the Site (e.g., information provided via the contact form). We reserve the right, at our own expense, to assume exclusive defense and control of any matter otherwise subject to indemnification by you (in which case you agree to cooperate with us in defending such matter). This indemnification obligation will survive any termination of your account or use of the Site.

12. Termination

We may, in our sole discretion and without prior notice, suspend or terminate your access to the Site or any portion of it at any time if we believe you have violated these Terms or applicable law, or for any other reason (including inactivity or technical necessity). In the event of termination, your right to use the Site will immediately cease. The restrictions and obligations imposed on you by these Terms (such as intellectual property provisions, disclaimers, limitations of liability, and indemnity) shall survive the termination of your access and remain in effect.

If you have a user account (in the future) and it is terminated due to violation of these Terms, you may lose access to any data or content associated with your account, and you may be barred from creating a new account or accessing the Site in the future. We shall not be liable to you or any third party for any termination of your access to the Site.

You are free to stop using the Site at any time. If you wish to terminate any future account, you may do so by contacting us or using any account deletion feature provided (when accounts are available). Termination will not affect any rights or obligations accrued prior to the date of termination.

13. Governing Law and Dispute Resolution

These Terms of Service and any dispute or claim arising out of or related to them or your use of the Site shall be governed by the laws of the Czech Republic, without regard to its conflict of laws principlesanywhere.legal. By using this Site, you agree that any disputes shall be resolved exclusively in the courts of the Czech Republic, and you consent to the jurisdiction of the competent courts located in the Czech Republic for the resolution of any such disputesanywhere.legal. If you are a consumer resident in the European Union, you may also be entitled to bring claims in your home country under applicable consumer protection laws.

International Use: We make no representation that the Site Content is appropriate or available for use in all locations. If you access the Site from jurisdictions outside of the Czech Republic, you are responsible for compliance with local laws. You agree not to access or use the Site in any territory where the content or practices of the Site are illegal or violate any regulation.

Dispute Resolution Efforts: Before filing any legal action, we strongly encourage you to contact us at info@surg-solutions.com to discuss and hopefully resolve any concerns or disputes. We are open to an amicable resolution. For EU users, you may also seek to resolve disputes through the EU Online Dispute Resolution (ODR) platform or other alternative dispute resolution methods if available, though we are not obligated to participate in all such programs.

14. Contact Information

If you have any questions, concerns, or feedback regarding these Terms or the Site, please contact us at info@surg-solutions.com. You may also write to us at our registered business address: Nova Constance s.r.o., Sídlištní 245/18a, 165 00 Praha 6, Czech Republic. We will endeavor to respond to your inquiries promptly.

Nova Constance s.r.o. is the operator of Surg Solutions. Our company registration details are as provided above (IČO 22042563)or.justice.cz. For any legal notices to us, you may send them in English to the contact address or email provided.

Last Updated: October 3, 2025. These Terms of Service are effective as of this date and supersede any prior terms related to the Site.

Privacy Policy

1. Introduction

Nova Constance s.r.o. (operating as Surg Solutions) is committed to protecting your privacy. This Privacy Policy explains what personal data we collect through the Surg Solutions website and related services, how we use and protect that data, and your rights concerning your personal information. We comply with applicable data protection laws, including the EU General Data Protection Regulation (GDPR) and relevant Czech privacy laws, and we aim to provide privacy protections for all users, including those in the United States and worldwide.

By using our Site or submitting information via our contact form, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use the Site. We may update this Privacy Policy from time to time (see Section 12 on Changes), and we will notify you of significant changes. This policy is written in English and does not create any contractual rights beyond what privacy laws require, but it is intended to clearly communicate how we handle your personal data.

2. Data Controller and Contact Information

For the purposes of data protection laws, the “data controller” of your personal data is Nova Constance s.r.o., the company operating Surg Solutions. Nova Constance s.r.o. is a Czech registered company (IČO: 22042563) with its registered office at Sídlištní 245/18a, 165 00 Prague 6, Czech Republicor.justice.cz. This means Nova Constance s.r.o. determines the purposes and means of processing your personal data collected via the Site.

If you have questions about this Privacy Policy or your personal data, you can contact us at:
Email: info@surg-solutions.com
Postal mail: Nova Constance s.r.o. – Privacy, Sídlištní 245/18a, Lysolaje, 165 00 Praha 6, Czech Republic.

(Please note that written inquiries should be in English or Czech.) We take privacy inquiries seriously and will respond as soon as reasonably possible.

3. Personal Data We Collect

We collect personal data (information that can identify you as an individual, or that is linked to an identifiable individual) in several ways:

3.1 Information You Provide to Us

Contact Form Data: When you fill out the contact form on our Site (or otherwise contact us via email or other means), we collect the information you provide. This typically includes your name, email address, and the content of your message or inquiry. These fields are required for us to respond to you. Any additional information you voluntarily provide (such as your phone number, company name, or project details) will also be collected. We will use this data to communicate with you and address your inquiry or request.
Future Account or Registration Data (Placeholder): In the future, we may introduce user accounts or registration for certain services. If that occurs, we may collect information such as your name, email, username, password, and other profile details during account setup. We might also collect subscription information if you sign up for newsletters or future services (e.g. your preferences or payment information if paid subscriptions are offered). Note: Currently, we do not have user accounts or subscriptions, and this section will be updated when/if such features are launched.

We do not actively collect any sensitive personal data (such as health information, government ID numbers, or financial information) through the Site, and we ask that you not provide such sensitive data in the contact form or otherwise. The Site is intended for general business inquiries, and any unnecessary sensitive information should be avoided.

3.2 Information Collected Automatically

When you visit our Site, certain data is collected automatically by our technology systems and analytics tools:

Usage Data: We collect technical information such as your IP address, browser type, operating system, referring URL, pages you viewed, and the dates/times of your visits. This information is typically collected through server logs and analytics services (e.g. Google Analytics) to understand how visitors navigate our Site. For example, we may log which pages are most visited or how users move through the Site. This data helps us improve the Site’s content, layout, and performance. By itself, this usage data generally does not identify you by name, and we do not tie it to your individual identity unless you also submit personal information (like via the contact form).
Cookies and Similar Technologies: Our Site uses cookies and similar tracking technologies (like web beacons or pixels) to provide and improve our services (see our separate Cookie Policy for detailed information). Cookies are small text files placed on your device that allow us to remember your preferences and understand your interactions with the Sitegdpr.eu. For instance, we may use cookies to recognize that you’ve visited before or to count the number of unique visitors. Some cookies are essential for Site functionality, while others (like analytics cookies) help us analyze site traffic. We will only use non-essential cookies (such as analytics or marketing cookies) with your consent, in compliance with EU ePrivacy lawsgdpr.eu. You have choices about cookies – please see Section 6 and our Cookie Policy for more details.
Device and Browser Information: We may collect information about the device you use to access the Site (e.g., whether you’re on a mobile or desktop device, device model, unique device identifiers) and browser information (browser type, version, language). This data helps us ensure the Site is compatible with popular devices and browsers, and to diagnose technical issues if they arise.

We do not use automated decision-making or profiling that produces legal or similarly significant effects on you. Any analytics performed are on aggregated data to understand usage patterns, not to make decisions about specific individuals.

3.3 Information from Third Parties

We generally collect personal data directly from you. In some cases, we might receive information about you from third parties, for example:

If you follow or interact with us on social media (LinkedIn, etc.), we may receive basic profile information via those platforms, under their terms (we encourage you to review those platforms’ privacy settings).
If a business partner or referrer provides us your contact details (with your consent or at your direction) to reach out to you, we will treat that information in accordance with this policy.
If we implement single sign-on or social login features in the future (e.g., “Log in with Google”), we may receive your name, email or profile info from those providers, subject to your consent at that time. (Currently, no such features are used.)

4. How We Use Your Personal Data

We will only use your personal data for specified, explicit, and legitimate purposes, and we will not process it further in a manner incompatible with those purposes. Specifically, we use personal data for the following purposes:

4.1 To Respond to Inquiries and Provide Services

We use the information you provide (especially through the contact form or email) to communicate with you and respond to your requests. For example, we will use your name and email to reply to your message, answer questions about our services, or begin discussions about a potential project or business relationship. If you request a demo, quote, or consultation, we will use your information to fulfill that request. This processing is necessary to take steps at your request prior to potentially entering into a contract, or is within our legitimate interest to communicate with persons interested in our services.

If you eventually become a client of Surg Solutions, we will process your data to perform our contractual obligations, provide consulting or development services, and manage our business relationship (including billing and invoicing if applicable). In such cases, additional terms and data protection provisions may apply, which will be communicated separately.

4.2 For Communication and Updates (with Consent)

If you opt to receive newsletters or marketing communications (for example, if we provide a checkbox to subscribe to updates, or if you explicitly request to join a mailing list), we will use your contact details to send you periodic updates, newsletters, marketing emails or event invitations related to Surg Solutions and our services. We may use an email distribution platform (such as Mailchimp or a similar service) to manage these mailings. You can withdraw your consent and opt-out of marketing emails at any time by clicking the “unsubscribe” link in the email or contacting us at info@surg-solutions.com. We do not send spam; communications will be infrequent and relevant to our professional services. If you are an existing client, we may send you certain non-promotional communications relevant to services you receive (e.g., service updates), based on our legitimate interests or contractual necessity.

(Future Plans: If we introduce account systems or subscription services, we may also send administrative or transactional communications related to those accounts or subscriptions. For instance, password reset emails, account notifications, or subscription confirmations. Those communications would be considered part of the service, not marketing.)

4.3 For Site Analytics and Improvement

We use analytics tools (like Google Analytics) to collect data about how users interact with our Site. This usage data (see Section 3.2) is analyzed to help us understand aggregate user behavior and Site performance. For example, we may track overall visitor numbers, page load speeds, user navigation paths, and what content is most viewed. We use this information to improve our website design, features, and content, ensuring a better user experience. Wherever feasible, we use this data in an aggregated or anonymized form (e.g., Google Analytics can provide statistics without identifying individual visitorsgdpr.eu). We also configure analytics to respect privacy: for instance, Google Analytics may be set to anonymize IP addresses of visitors from the EU. We will not deploy analytics cookies without consent where required by law, and users can always withdraw consent or block these cookies if they prefer (see Cookie Policy). The legal basis for analytics processing is your consent (for EU users) or our legitimate interest in understanding and improving our services (for users in jurisdictions where consent is not required for such analytics, or after consent is given).

Additionally, we may use collected information to debug and fix technical issues (for example, using log data to troubleshoot errors on the Site) and to maintain the security of our Site (e.g., analyzing unusual access patterns to detect and prevent malicious activity). These uses are in our legitimate interest to ensure a safe and functional service.

4.4 For Legal Obligations and Rights

We may process personal data as necessary to comply with our legal obligations or to protect our legal rights. For example:

Record-Keeping: Business and tax laws may require us to retain certain transactional data or communications for a period of time. If you become a customer, we may keep invoices or contracts on file as required by Czech accounting or corporate regulations.
Responding to Legal Requests: If we receive a lawful subpoena, court order, or request from law enforcement or a regulatory authority, we might process and disclose data as required by law. We will attempt to inform you (if permissible) before disclosing your data in such a case.
Enforcing Our Terms: We will use data to investigate and address violations of our Terms of Service or other misuse of the Site. For instance, if needed, we may use IP addresses or other data to block users who are abusing the Site or to inform law enforcement of fraudulent or harmful activities.
Protecting Rights and Safety: We may use or disclose information as we believe necessary or appropriate to protect the rights, property, or safety of Nova Constance s.r.o., our clients, users, employees, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction (in accordance with applicable data protection laws).

4.5 Other Purposes (with Notice)

If we intend to use your personal data for any purpose that is materially different from the purposes listed above, we will update this Privacy Policy and, if required, notify you and obtain your consent. We will not use your personal data for any incompatible secondary purposes without your permission.

5. Legal Bases for Processing Personal Data (GDPR)

The GDPR requires us to have a valid legal basis for processing personal data of individuals in the European Economic Area (EEA) and equivalent regulations apply in the UK and other jurisdictions. We ensure that at least one of the following legal bases applies to each instance of processinggdpr-info.eu gdpr-info.eu:

Consent: We will rely on your consent where we explicitly ask for it and you freely give it. For example, we ask for your consent to use non-essential cookies (such as Google Analytics) and to send you marketing communications. You have the right to withdraw your consent at any time, which will not affect the lawfulness of processing based on consent before its withdrawal.
Contractual Necessity: Where we process data to perform a contract with you or to take steps at your request before entering a contract. For instance, if you request services or become a client, processing your contact details and project information is necessary to provide those services and fulfill our contract. Responding to inquiries you submit might also be considered pre-contractual processing at your request.
Legal Obligation: If we need to process data to comply with a legal obligation to which we are subject. For example, retaining financial records for tax compliance, or providing information to authorities if legally required.
Legitimate Interests: We may process your data for our legitimate interests, provided those interests are not overridden by your data protection rights. Our legitimate interests include: communicating with individuals who contact us, improving and securing our website, preventing fraud, and developing our business. For example, analyzing web traffic to improve our services is a legitimate interest. If we rely on this basis, we ensure that such processing is necessary and proportionate and we consider your privacy rights (e.g., for analytics, we use aggregated data where possible and honor opt-outs). You have the right to object to processing based on legitimate interests (see Section 9 on Your Rights).
Other Bases: In rare cases, we might process data to protect vital interests (e.g., life-and-death situations, which we hope will never occur in our context) or to perform a task in the public interest or under official authority (unlikely applicable to our private business). If such a basis were relevant, we would only rely on it in accordance with the law and likely under instruction of authorities.

We will clearly identify the legal basis for significant processing activities in this Privacy Policy or when we collect your data. In summary, we only collect and use personal data when we have a lawful basis to do soico.org.uk. If you have questions about the legal basis of how we process your data, please contact us.

6. Cookies and Tracking Technologies

As noted in Section 3.2, we use cookies and similar technologies on our Site. Some cookies are strictly necessary for the Site to function (for example, to enable core features). Other cookies (like analytics cookies) require your prior consent under EU law. We provide a detailed explanation of our use of cookies in our Cookie Policy, which is published alongside this Privacy Policy.

Key points regarding cookies:

Consent for Non-Essential Cookies: In jurisdictions where it’s required (e.g., EU member states), we will obtain your consent before setting any cookies that are not strictly necessarygdpr.eu. When you first visit our Site, you should see a cookie notice or banner asking you to agree to the use of cookies beyond those necessary for the site to work. You can choose to accept all cookies, reject non-essential cookies, or customize your cookie preferences. We will not place analytics or marketing cookies on your device unless you have opted in (consented).
Types of Cookies Used: We primarily use cookies for analytics (to understand site usage) and for remembering preferences (like a cookie to remember if you already saw the cookie banner). As of now, we do not use advertising cookies or trackers for targeted advertising on our Site. If that changes, we will update our Cookie Policy and obtain any necessary consents. Some cookies used may be third-party cookies set by service providers – for example, Google Analytics sets cookies (_ga, _gid, etc.) to collect usage statistics, and those cookies are controlled by Google as a third-party provider. We ensure any third-party cookie providers we use are reputable and we have appropriate agreements in place (e.g. Google’s data processing terms).
Cookie Duration: Some cookies are session cookies that expire when you close your browser, while others are persistent cookies that remain on your device for a defined period or until deleted. Our Cookie Policy provides details on the lifespan of cookies we use (e.g., analytics cookies might persist for a few months to recognize returning visitors, in line with recommended practices). We adhere to guidance that persistent cookies should not have excessive durations (analytics cookies are often set to expire after 6–12 months, and we will follow industry standards and legal guidelines).
Managing Cookies: You have control over cookies. In addition to using our consent banner (for EU users), you can set your web browser to refuse or delete cookies. Most browsers allow you to block third-party cookies or all cookies in settings. However, please note that if you disable all cookies, some features of the Site (especially any future login or preference features) may not function properly. For analytics cookies, Google also provides an opt-out browser add-on if you wish to prevent data from being used by Google Analytics across all websites. Refer to our Cookie Policy for links and instructions on managing cookie preferences.

For more information, please read our Cookie Policy (Section 3 of this document or accessible via our website footer). That policy is an integral part of our privacy commitment and explains in plain terms what cookies we use and why.

7. Disclosure of Personal Data (Third-Party Recipients)

We treat your personal data with care and do not sell your personal data to third parties for profitmicrosoft.com stevemadden.com. We only share your data in the following circumstances:

7.1 Service Providers (“Processors”)

We may share your information with trusted third-party service providers who perform services on our behalf, such as:

Website Hosting and IT Infrastructure: Our website may be hosted on third-party servers (for instance, our site appears on the framer.website platform, meaning Framer or its cloud providers may process technical data to serve our website). These providers handle data like IP addresses and requests to load the site.
Analytics Services: We use Google Analytics (provided by Google LLC and its affiliates) to collect and analyze usage information. Google acts as a data processor in providing aggregated analytics reports. Google may process certain data (e.g. IP address, device identifiers) for these purposes. We have configured Analytics to limit data sharing and, if possible, to anonymize IPs, but Google might be considered a recipient of personal data (under pseudonymous identifiers). See Google’s Privacy Policy for more on how they handle data.
Email and Communication Tools: If we use an email newsletter service (like Mailchimp, operated by The Rocket Science Group LLC, or an equivalent), that provider will process your name and email to send out our communications. Similarly, if you email us, your email is processed by our email hosting provider. We ensure such providers are contractually bound to protect your data and use it only under our instructions.
Customer Relationship Management (CRM) or Project Management: In the future, we might use CRM software or cloud platforms to manage client contacts and projects. Those systems would contain contact details and communications. Any such platform (e.g., HubSpot, Salesforce, etc., purely hypothetical at this stage) would have access to the data we input into their system for storage and organization, under strict confidentiality and security commitments.
IT Support and Others: We may use other vendors for tasks like data backup, cybersecurity monitoring, or development support. They might incidentally have access to data when performing their functions, but only to the extent necessary for the task and under duty of confidentiality.

In all cases, we only share the minimum necessary information with our service providers for them to perform their services. They are not allowed to use your information for their own purposes. We have agreements in place (Data Processing Agreements where required) to ensure they process personal data in compliance with GDPR and other applicable laws, solely for our specified purposes, and with appropriate security measures.

7.2 Business Transfers

If Nova Constance s.r.o. (or Surg Solutions) undergoes a business transaction such as a merger, acquisition by another company, reorganization, or sale of all or part of its assets, personal data may be transferred to the acquiring entity or merged with the other business. We will ensure that any such transfer is lawful and secure. The new owner or merged entity will be required to honor the commitments we have made in this Privacy Policy or provide notice of any changes. If such a transfer would result in a materially different use of your personal data, we will notify you and, if required, obtain your consent.

7.3 Legal Compliance and Protection

We may disclose personal data to third parties (such as courts, law enforcement agencies, regulators, or legal counsel) when we believe, in good faith, that such disclosure is necessary to:

Comply with a legal obligation: This could be a law, regulation, legal process, or enforceable governmental request. For example, responding to a subpoena or court order for information. We will verify any request to ensure it has appropriate authority before disclosing data.
Protect rights and safety: As mentioned in Section 4.4, we might share data to enforce our Terms of Service, investigate potential violations, or protect the rights, property, and safety of our company, our users, or others. For instance, exchanging information with fraud prevention agencies or sharing data with law enforcement if a user is engaged in malicious activities like cyber-attacks.

We will carefully assess such requests and only provide data that is reasonably required. Whenever permitted, we will inform individuals about such disclosures.

7.4 International Data Transfers

Because our Company is based in the Czech Republic (EU) but we operate globally and use some international service providers, the personal data we collect may be transferred to and stored in countries outside of your own jurisdiction. If you are in the EU or UK, please note:

Some of our service providers are located in or have servers in the United States or other countries outside the European Economic Area (EEA) that may not be deemed to have equivalent data protection laws. For example, Google and Mailchimp are US-based companies.
When we transfer personal data out of the EEA/UK, we ensure appropriate safeguards are in place as required by GDPR (Chapter V). Typically, we rely on European Commission Standard Contractual Clauses (SCCs)gdpr.euas a legal mechanism for such transfers, which contractually oblige the recipient to provide a level of protection essentially equivalent to EU standards. These SCCs have been adopted in our agreements with relevant providers.
In some cases, transfers might be to countries that the European Commission has determined offer an adequate level of data protection (an “adequacy decision”), in which case separate safeguards are not required. (For instance, if any data were stored in countries like Canada or Japan, which have adequacy decisions – purely hypothetical examples).
We also assess on a case-by-case basis whether additional technical or organizational measures are needed to ensure data remains protected (such as encryption in transit and at rest, data minimization, etc.), particularly for US transfers in light of EU court decisions. Our aim is to make sure your data is secure no matter where it is processed.

You can contact us if you have questions about international data transfers or if you would like to see a copy of the relevant contractual safeguards (we may redact some terms for confidentiality). By using our Site and providing information to us, you acknowledge that your personal data may be transferred internationally, and we will take all steps reasonably necessary to ensure it is treated securely and in accordance with this Privacy Policy.

7.5 No Selling of Data

We do not sell, rent, or trade your personal information to third parties for their own marketing or commercial purposes. In the context of privacy laws like the California Consumer Privacy Act (CCPA), we also confirm that we do not sell personal information (as “sell” is defined by the CCPA)privacy.abbvie. Therefore, we do not offer an opt-out of sale because we don’t perform any sales of data. Any sharing we do (as described in 7.1 – 7.4 above) is for legitimate business or legal purposes, not commercial gain from your data.

8. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. Retention periods will vary depending on the type of data and the purpose of processing. Here are some general guidelines we follow:

Inquiry/Contact Data: If you contact us with a question or potential business inquiry but do not become a client, we will retain your contact details and communications for a reasonable period in order to follow up on the inquiry and assess our business opportunities. Typically, we may keep inquiry data for up to 12–24 months after our last interaction, in case you decide to proceed later or we need to reference the conversation. We believe this time frame balances our business interest in developing client relationships with your privacy. You can request deletion sooner (see Section 9 on your rights), and we will oblige unless we have a compelling reason or legal requirement to retain the data.
Client Data: If you become a client, we will retain your data for the duration of our business relationship. After the relationship ends, we will keep relevant data for the period necessary to administer any post-contract obligations, to maintain accurate financial and business records, and to comply with legal obligations. For example, Czech accounting law may require us to keep invoices and contract records for 10 years from the end of the accounting period. We may also retain communications or project deliverables as part of our business archives for a similar period. We will securely archive such data and limit access to it.
Marketing Data: If you have consented to receive newsletters or marketing emails, we will retain your email address and related preferences until you unsubscribe or withdraw consent. Upon unsubscribe, we will promptly remove you from our mailing list (and, to ensure compliance, we may keep a record of your request and email to ensure we don’t accidentally re-add you, as allowed or required by law). If we use a mailing service, your contact info will be deleted or suppressed in their system as well.
Analytics Data: Data collected via Google Analytics and similar tools is stored as per those tools’ standard retention settings. We have configured Google Analytics data retention to an industry-standard period (commonly 14 months or similar) unless we have a specific reason to keep aggregated data longer. Analytics cookies themselves may expire sooner (see Cookie Policy). In general, analytics reports contain aggregated data without personal identifiers, and we may retain those indefinitely for historical analysis, since they do not identify individuals. Raw logs of web requests to our server are typically rotated and deleted within a few months at most, unless needed for security analysis.
Legal and Security Records: We may retain information for longer periods if we are legally required to do so (e.g., for litigation or regulatory investigations) or if needed to resolve disputes and enforce our agreements. For instance, if we receive a legal notice or are involved in a dispute, we will preserve relevant communications and data until the issue is resolved and for the statute of limitations period thereafter (which can be several years). Similarly, data needed for detecting or preventing fraud or security incidents may be kept longer if it remains relevant to ongoing security efforts.

After the applicable retention period has ended, we will either delete your personal data or anonymize it (so it can no longer be associated with you) in a secure manner. We will also periodically review the data we hold, and if we determine that certain information is no longer needed, we will remove it. For example, if we realize that we have outdated contact info or an inactive lead that never converted, we may purge that from our systems as part of routine clean-up.

Please note: Due to technical reasons, backup systems or cached data might retain some personal data for a short period beyond the deletion process. However, we have procedures to ensure that such data is not restored or used improperly, and backups are eventually cycled out.

If you have any specific questions about our data retention practices for a certain type of data, you can contact us for more detailed information.

9. Your Rights and Choices

You have various rights regarding your personal data under applicable privacy laws, particularly if you are in the EU/EEA (under the GDPR) or in other jurisdictions with similar laws. We are committed to honoring your rights. Below is a summary of your data protection rights:

Right to Be Informed: You have the right to be informed about the collection and use of your personal dataedpb.europa.eu. We fulfill this through this Privacy Policy and any specific notices at the point of data collection (e.g., a short form notice on the contact form).
Right of Access: You have the right to request a copy of the personal data we hold about you, as well as information about how we process it (often called a Subject Access Request)edpb.europa.eu. We will provide you with a copy of your data in a commonly used format, typically within one month of verification of your identity (as permitted by law, this period can be extended by two further months for complex requests, but we will inform you if an extension is needed)edpb.europa.eu edpb.europa.eu.
Right to Rectification: If any personal data we hold about you is inaccurate or incomplete, you have the right to have it corrected or updatededpb.europa.eu. Upon your request, we will rectify any incorrect data about you.
Right to Erasure: You have the right to request deletion of your personal data in certain circumstances (“right to be forgotten”)edpb.europa.eu. For example, if the data is no longer necessary for the purposes it was collected, if you withdraw consent (where consent was the basis), or if you object to processing and we have no overriding legitimate grounds, or if we unlawfully processed your data. This right is not absolute – we may retain data that we are required to keep by law or that is necessary to establish, exercise, or defend legal claims. But we will honor valid requests and erase data when required. If we have shared your data with others, we will inform them of the erasure request where possible.
Right to Restrict Processing: You have the right to request that we limit the processing of your data in certain situationsedpb.europa.eu. For instance, if you contest the accuracy of the data, we may restrict processing while verifying; or if you object to our processing based on legitimate interests, we may restrict processing while considering your objection. Restriction means we will store your data but not actively use it (beyond storing) until the issue is resolved.
Right to Data Portability: For data that you have provided to us and is processed by us by automated means on the basis of consent or contract, you have the right to request a copy in a structured, commonly used, machine-readable formatedpb.europa.eu. For example, if in the future you had an account and provided profile information, you could ask for an export of that data. You also have the right to request that we transmit that data to another controller, where technically feasible. (Note: This right likely has limited application in our current context since we mostly process basic contact info, but we will accommodate it if relevant.)
Right to Object: You have the right to object to our processing of your personal data in certain circumstancesedpb.europa.eu. You can object at any time to processing for direct marketing purposes, and we will stop such processing immediately (this includes profiling related to direct marketing, though we currently do very minimal profiling). You can also object if we are processing your data based on legitimate interests or public interest, and you have grounds relating to your particular situation. We will then stop the processing unless we have compelling legitimate grounds that override your interests, rights, and freedoms or if continued processing is needed for legal claims.
Right not to be subject to Automated Decision-Making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significant effects for youedpb.europa.eu. We do not engage in such automated decision-making without human involvement. We will inform you if this changes and if any such processes are put in place with your data.
Right to Withdraw Consent: If we rely on your consent for any processing (e.g., for marketing emails or certain cookies), you have the right to withdraw that consent at any time. You can do so by contacting us or using provided mechanisms (like unsubscribe links or cookie settings). Withdrawal of consent will not affect the legality of what we did prior, but it will stop that processing moving forward. For example, if you withdraw consent for Google Analytics cookies, we will stop collecting analytics data from your visits (after you adjust settings or clear cookies as needed).
Right to Lodge a Complaint: If you believe we have infringed your data protection rights or processed your data unlawfully, you have the right to lodge a complaint with a supervisory authority (data protection authority) in your countryedpb.europa.eu. As Nova Constance s.r.o. is based in the Czech Republic, our lead supervisory authority is the Czech Office for Personal Data Protection (Úřad pro ochranu osobních údajů), located at Pplk. Sochora 27, 170 00 Prague 7, Czech Republicuoou.gov.cz. You can contact them via their website uoou.cz or email (posta@uoou.cz). If you reside in another EU country, you may contact your local data protection authority. For users outside the EU, you may have the right to complain to a regulator in your jurisdiction as well. We would, however, appreciate the chance to address your concerns directly before you approach a DPA, so please consider reaching out to us first.

Your Choices: In addition to formal rights, you have control over how we interact with you. For example, you can choose not to provide certain information (though it may limit our ability to respond), you can opt out of marketing communications, and you can set cookie preferences (as described). We will always respect your choice and aim to make it easy for you to exercise your rights.

How to Exercise Your Rights: You can exercise the applicable rights at any time by contacting us at info@surg-solutions.com with your request. Please clearly state what you are requesting (e.g., “I am requesting a copy of my data” or “Please delete the data I provided through the contact form on [date]”). For your protection, we may need to verify your identity before fulfilling certain requests (to ensure that we do not disclose data to the wrong person or delete data at the request of someone impersonating you). Verification might involve confirming ownership of your email or asking for additional information that matches our records.

We will respond to your request as soon as possible, typically within one month. If your request is complex or if we receive many requests, we may extend the response time by up to two further months, but we will inform you of the extension within the initial one-month period. In general, we will not charge a fee for handling your reasonable requests. However, if requests become excessive or manifestly unfounded (e.g., repetitive with no reasonable purpose), we reserve the right allowed by law to either charge a reasonable fee or refuse to act, but we will explain our reasoning in such cases.

For California residents (CCPA/CPRA) and residents of certain U.S. states with privacy laws (like Virginia, Colorado, etc.): We intend to honor similar rights to the extent they apply. While our operations may not squarely fall under those laws due to our size or scope, we will accommodate requests to know, delete, or correct personal information as required. Notably, as mentioned, we do not sell or share personal data for targeted advertising, so the opt-out of sale/share is not applicable. If you are a California resident, you also have the right not to receive discriminatory treatment for exercising your privacy rights. We will treat all users equally, regardless of their choices regarding personal data.

10. Data Security

We take the security of your personal data seriously. Nova Constance s.r.o. implements a variety of technical and organizational security measures to protect your data from unauthorized access, disclosure, alteration, and destruction. These measures include, but are not limited to:

Encryption: Our website is served over HTTPS, which means data transmitted between your browser and our Site is encrypted in transit (using TLS/SSL). If we store any sensitive information (for example, if in the future user account passwords are stored, they will be hashed or encrypted). We also encourage you to ensure that when you contact us via email, you use a reputable email service that supports encryption.
Access Controls: We restrict access to personal data to those staff, contractors, and service providers who need to know that information in order to process it for us. They are subject to strict confidentiality obligations. Access to systems that contain personal data (e.g., our email accounts, website CMS, analytics dashboards) is protected by strong passwords and, where supported, two-factor authentication.
Secure Hosting: We use reputable hosting and cloud service providers that employ high standards of security. This includes firewalls, intrusion detection systems, and regular security patching. We keep our website platform and any related software up to date to mitigate vulnerabilities. For instance, if our site runs on a content management system or uses libraries, we monitor for security updates.
Backup and Recovery: We perform regular backups of key data to prevent data loss. Backups are stored securely and with access controls. If any data incidents occur, we have plans for recovery and will endeavor to restore functionality with minimal disruption.
Monitoring and Testing: We monitor our systems for potential vulnerabilities and attacks. We may conduct periodic security assessments or audits (directly or via third-party security experts). If we ever suspect any breach of personal data, we have a data breach response procedure that includes notifying affected users and authorities as required by law.
Physical Security: To the extent any personal data is stored or accessible at our physical office or devices, we take measures to secure those as well (e.g., locked offices, alarm systems, encrypted laptops, etc.). However, given our digital focus, most personal data resides in cloud services rather than on-premise.

Despite our efforts, please be aware that no method of transmission over the Internet, and no method of electronic storage, is completely secure. While we strive to protect your personal data, we cannot guarantee absolute security. Cyber threats evolve rapidly, and there is always some risk of data breaches or other incidents. We therefore cannot warrant the security of any information you transmit to us or store on our systems, and you do so at your own risk.

If you have reason to believe that your interaction with us or the Site is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised or you suspect a vulnerability), please immediately notify us at info@surg-solutions.com. We will work with you to address the issue.

We will notify you and the appropriate authorities of data breaches if required by law. For instance, under the GDPR, if a security incident results in a high risk to your rights and freedoms, we will inform you without undue delay. For users in other jurisdictions, we will follow applicable breach notification laws.

11. Children’s Privacy

Our Site and services are not directed to children, and we do not knowingly collect personal data from individuals under the age of 16 (and in many jurisdictions, under 13). If you are under 16 years old, please do not provide any personal information to us — including your name, address, telephone number, or email address. If we discover that we have inadvertently collected personal data from a child under the relevant age without proper consent, we will delete that information promptly.

Parents or guardians: If you believe that your child under 16 (or under 13, depending on applicable law) has provided us with personal information, please contact us at info@surg-solutions.com. We will take steps to remove the data and unsubscribe the child from any of our communications.

We recognize the importance of protecting children’s privacy. We comply with the GDPR’s provisions regarding children’s data (Article 8) which require parental consent for processing personal data of children in the context of online services offered directly to children under 16 (the age may be lowered to 13 in some EU countries, but we default to 16 unless local law says otherwise). We also adhere to the U.S. Children’s Online Privacy Protection Act (COPPA), which imposes requirements for websites that knowingly collect data from children under 13. Again, while our Site is not intended for children, we take all these laws into account to ensure we have proper measures in place.

In summary, if you are not an adult (generally 18+ in most jurisdictions), you should use our Site only with the involvement of a parent or guardian. We do not provide services to minors and we will not intentionally collect or maintain data about anyone under the applicable age of consent.

12. Changes to This Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will post the updated policy on this page and adjust the “Last Updated” date at the end of this policy. Please review this Policy periodically to stay informed about how we are protecting your information.

If we make any material changes, we will take additional steps to inform you: for example, by posting a notice on our website’s homepage or sending you a direct notification (via email, if we have your email on file) explaining the changes. For significant changes, we may also seek your consent if required by law (especially if any change expands how we use personal data beyond what you originally consented to).

Examples of material changes might include: adding new types of personal data we collect, changing how we use data, or engaging new third parties that process your data in fundamentally different ways. Minor changes, like clarifications or improvements in wording, will typically not be explicitly announced, but the updated Policy will always be available for you to read.

If you continue to use the Site or our services after a Privacy Policy update takes effect, it will signify your acceptance of the updated terms (to the extent permitted by law). However, we will not treat your personal data in a manner materially different from what is stated in the Policy at the time of collection without your consent.

For your convenience, we will keep prior versions of this Privacy Policy (with their effective dates) available upon request so you can see how our privacy practices have evolved.

13. Contact Information and Complaints

If you have any questions, concerns, or requests regarding this Privacy Policy or our personal data practices, please feel free to contact us:

Email: info@surg-solutions.com
Postal Mail: Nova Constance s.r.o. – Privacy Team, Sídlištní 245/18a, Lysolaje, 165 00 Prague 6, Czech Republic.
Attn: Data Protection Officer (if applicable) / Privacy Inquiry.

While we do not currently have a statutory Data Protection Officer (DPO) since our size and processing activities do not mandate one under GDPR, we do have personnel responsible for privacy compliance. If you email us, please include in the subject or body that your inquiry is about “Privacy” or “Personal Data” so that it can be routed appropriately.

We will work diligently to address and resolve any issues you bring to our attention. Your privacy is important to us, and we welcome feedback. If you feel we have not dealt with your concern satisfactorily, remember you have the right to escalate the matter to a supervisory authority as described in Section 9.

Once again, our lead supervisory authority is the Czech Office for Personal Data Protection (Úřad pro ochranu osobních údajů), which you may contact at Pplk. Sochora 27, 170 00 Prague 7, Czech Republic, or via their website uoou.czuoou.gov.cz. They can provide guidance or take complaints in Czech or English. If you reside in another country, you may prefer to contact your home country’s data protection regulator.

We truly value the trust you place in us by sharing your personal data, and we are committed to working with you to ensure that trust is deserved.

Last Updated: October 3, 2025. This Privacy Policy is effective as of this date and supersedes any previous privacy notices on our Site.

Cookie Policy

Introduction

This Cookie Policy explains what cookies and similar technologies are, how Surg Solutions (operated by Nova Constance s.r.o.) uses them on our website, and what choices you have regarding their use. We want to ensure you have a clear understanding of our use of cookies so that you can make informed decisions.

By using our Site, you can consent to the use of cookies as described in this policy (except to the extent you opt-out or disable cookies, as explained below). If you have any questions about this Cookie Policy, you can contact us at info@surg-solutions.com. We also recommend reading our Privacy Policy for a broader understanding of how we protect your privacy.

What Are Cookies?

Cookies are small text files that websites (or certain emails) place on your device (computer, smartphone, tablet) when you visit. They are stored by your browser and often contain a unique identifier along with some information about your visit. Cookies are widely used to make websites work, or work more efficiently, as well as to provide information to the site ownersgdpr.eu. In and of themselves, cookies are harmless – they do not contain software programs, viruses, or malware. Instead, they act as memory for the website, allowing it to remember your actions or preferences over time.

There are different types of cookies:

First-party cookies: Set by the website you’re visiting (in this case, surg-solutions.framer.website or our surg-solutions.com domain). Only that website can read those cookies.
Third-party cookies: Set by a domain different from the one you’re visiting, typically when the website incorporates elements from other sites (like images, social media plugins, or analytics scripts). For example, if we use Google Analytics, Google’s domain will set a cookie on your browser; this is a third-party cookie.
Session cookies: Temporary cookies that last only for the duration of your browsing session. They are deleted when you close your browser. These are often used for remembering things in a short timeframe, such as items in a shopping cart as you navigate a site.
Persistent cookies: These remain on your device even after you close the browser. Persistent cookies have an expiration date and will stay until that date is reached (unless you delete them manually before then). They are used for remembering you across sessions — for example, a persistent cookie might keep you logged in or remember your preferences for future visitsgdpr.eu.

Cookies can also be categorized by purposegdpr.eu gdpr.eu:

Strictly Necessary Cookies: These cookies are essential for the operation of a website. Without them, the site may not function properly. They are typically set in response to your actions, such as logging in, filling in forms, or setting privacy preferences. Strictly necessary cookies do not require consent under EU law, but we still inform you about themgdpr.eu.
Functional (Preferences) Cookies: These cookies allow a site to remember choices you make (like your username, language, or the region you are in) and provide enhanced features. For instance, a website might remember your language preference or other customizations.
Analytics (Statistics) Cookies: These cookies collect information about how visitors use a website — for example, which pages are visited most often, and if any error messages were encountered. They generally don’t collect information that directly identifies a visitor. The information is often aggregated and anonymous, used only to improve how the site worksgdpr.eu. (Note: Some analytics cookies might be considered “non-essential” because they aren’t needed for the core functionality of the site, so they typically require user consent.)
Marketing (Advertising) Cookies: These are used to track browsing habits and activity across websites to profile your interests and show you relevant ads on other sites. They can also limit how many times you see an ad and measure the effectiveness of ad campaigns. These are often third-party persistent cookies set by advertising networks. We do not currently use marketing/advertising cookies on our Site, and if we ever introduce them, we will do so only with explicit consent and by updating this policy.
Other Tracking Technologies: In addition to cookies, there are similar technologies like web beacons or pixels(small images embedded in a webpage or email that track when they’re viewed), local storage (which stores data in your browser, similar to cookies), and scripts that can act as trackers. In this policy, when we refer to “cookies,” we generally include these similar technologies as well.

How We Use Cookies

We use cookies on our Site for the following purposes:

1. Strictly Necessary Cookies

These cookies are essential for the basic functioning of our website. Without them, certain features may not work properly. For example:

Cookie Consent Cookie: When you first visit the Site, you might be presented with a cookie banner to obtain your consent for non-essential cookies. If you make a selection (accept or decline certain cookies), we use a cookie to remember your preferences so that we don’t ask you every time and to ensure we respect your choices. This cookie is necessary to remember your privacy settings.
Security and Access: If our site uses any security measures (like Cloudflare or similar services to mitigate DDoS attacks, or a session identifier to distinguish genuine traffic), those mechanisms might set necessary cookies. Similarly, if in the future we have a login area, a session cookie would be necessary to keep you logged in as you navigate pages.
Functionality needed for Service: Any features that require keeping track of input across pages (for example, if there’s a multi-step form or remembering form values if there is a validation error) might rely on necessary cookies or equivalent storage.

We do not need to ask for your consent to use strictly necessary cookies, but we still want you to be aware of them and why they’re usedgdpr.eu. These cookies typically do not store any personal identifiable information, and they are only used to provide you with services or remember settings that are strictly required.

2. Functionality (Preferences) Cookies

These cookies help to enhance your experience by remembering certain choices you make. Examples on our Site include:

Language or Region: (If applicable) If our Site had multiple language options or region-specific content, a cookie might remember your selection so you don’t have to choose each time. Currently, our Site is in English only, so this may not apply yet.
UI Preferences: If our Site offers a dark mode/light mode toggle or other interface customization, a cookie could store your preference so that it persists on future visits.
Remembering Details: For instance, if our contact form allows it, a cookie might save your basic info (like name and email) so that you don’t need to re-type it on a second inquiry (though we currently do not encourage storing personal info in cookies for privacy reasons, so this is just a potential example).

We currently have a relatively simple informational website, so the use of functional cookies is minimal. But as we add features, we may introduce such cookies. These cookies may be set by us or by third-party providers whose services we have added to our pages (for example, if we embed a map or a chat widget, those might use cookies). If they are not strictly necessary, we will treat them as requiring consent.

3. Analytics Cookies

We use analytics cookies to understand how visitors engage with our Site, so we can improve it. The primary analytics tool we use is Google Analytics (GA). Analytics cookies on our Site help us:

Count Visitors: Identify unique visitors and count visits. Google Analytics, for example, assigns an anonymous ID to each visitor to count how many people visit and how often.
Understand Usage Patterns: Learn which pages are most popular, how users move through the Site, and where they may encounter issues. This can tell us things like the average time spent on a page, or the path users take to find a certain information.
Analyze Traffic Sources: Determine how you found our Site (e.g., via a search engine, a link from another site, or directly typing our URL). This helps us understand how effective our marketing or SEO efforts are.
Error Monitoring: Track any errors or broken pages users encounter, so we can fix them.
Demographics and Interests (if enabled): Google Analytics can provide aggregated demographic information (like age group, interests) based on your browsing habits, but we have not enabled any advertising features or demographic tracking in GA at this time. We focus on basic usage statistics.

The information collected by analytics cookies is aggregated and anonymized; it does not include personal details like your name or email. For example, Google Analytics might tell us that “200 users visited the Services page this week” or that “50% of visitors are from European countries,” but it does not reveal who those individuals are. Moreover, we have configured Google Analytics to anonymize IP addresses for visitors from the EU (meaning GA truncates the last digits of your IP, reducing accuracy in geolocation) to enhance privacy.

Key Analytics Cookies we use: (for transparency)

_ga: A Google Analytics cookie used to distinguish users (by a unique ID). It has a typical expiration of 2 years.
_gid: Another GA cookie to distinguish users, with a 24-hour expiration.
_gat: A GA cookie used to throttle request rate (to limit the collection of data on high traffic sites). Expires in 1 minute.
(Note: The exact cookies can change if Google updates their technology, and if we move to Google Analytics 4, some cookie names or behaviors might differ. We will update this list if needed.)

Because analytics cookies are not strictly necessary, we will only set them on your device if you have given consent through our cookie banner or settingstermsfeed.com termsfeed.com. If you opt out or decline, no analytics cookies should be placed (and our site will still function normally, just without the analytics tracking). You can also manage these cookies as described in the “Managing Cookies” section below.

4. Advertising/Marketing Cookies

As of the latest update, our Site does not use any advertising cookies or deliver third-party ads to you. We do not track you for advertising purposes or share your data with ad networks via cookies. Therefore, you should not see cookies on our Site intended for ad targeting, such as those from Google Ads, Facebook Pixel, or similar marketing platforms — unless we explicitly implement something like that in the future (and if so, it would be done transparently and with consent).

If in the future we decide to run any advertising or remarketing campaigns (for example, showing Surg Solutions ads on other platforms to people who visited our Site), we will update this section and clearly explain what cookies are being used (e.g., a Facebook or LinkedIn retargeting cookie) and obtain your consent for those. We will also provide you the ability to opt out of such marketing cookies from the get-go.

5. Third-Party Functionality

Our Site might integrate content and services from third parties that could set cookies. For instance:

Embedded Videos or Media: If we embed YouTube videos, Vimeo content, or audio players, those providers might set cookies to track video views or remember your volume preferences. YouTube, for example, uses cookies to keep statistics of how many times a video is played and to store user preferences. If these are embedded in privacy-enhanced mode (like YouTube’s no-cookie domain), tracking is minimized, but some cookies might still apply when you click play.
Social Media Widgets: If our site includes social sharing buttons (e.g., a LinkedIn “Share” button or Twitter feed), those services may set cookies to properly show content or track sharing counts. These cookies would only be set if you interact with the widget or possibly on page load if the widget loads content from the social network.
Forms and Spam Protection: If we use CAPTCHA services (like Google reCAPTCHA) to protect forms from spam, that service sets cookies to perform risk analysis. Google’s reCAPTCHA, for example, uses a cookie to determine if the user is a bot. This is technically for security, but since it’s from Google, it is a third-party cookie. We would treat it as necessary for form security, but it’s worth mentioning here.

We strive to limit third-party integrations and only use those that are necessary for functionality or improvement. In cases where these third-party elements set cookies, those cookies might be categorized under the above sections (necessary, functional, or analytics) depending on their function. We will disclose their presence and purpose.

Important: Any third-party cookies are controlled by the third parties, not us. That means we don’t have direct access to the information they store (though we might receive aggregated information via their services). Those third parties should have their own privacy/cookie policies on their websites. We encourage you to read those policies to understand what they do with the data collected. For example, Google’s Privacy Policy covers Google Analytics and reCAPTCHA cookies; YouTube’s Privacy Policy would cover any YouTube cookies if we embed videos.

Your Consent and Cookie Preferences

When you first visit our Site from the EU (or where applicable law mandates), you will see a cookie consent banner or pop-up. This banner allows you to give consent to non-essential cookies or manage your preferences. We implement this to comply with the EU ePrivacy Directive and GDPR requirements that require prior consent for placing non-essential cookies on your devicegdpr.eu gdpr.eu.

Giving Consent: The banner typically has options like “Accept All Cookies,” “Reject Non-Essential Cookies,” or “Customize Settings.” If you click “Accept All,” you consent to us placing all cookies we use (including analytics cookies). If you choose to “Reject” or only accept some categories, we will honor that choice and not load the cookies you have not consented to. We keep track of your choice using a necessary cookie (so that the banner doesn’t keep appearing and so that we remember what you decided).

Withdrawing Consent: If you have consented to cookies but later change your mind, you have the right to withdraw your consent at any time. We make this as easy as giving consentgdpr.eu. For instance, there may be a “Cookie Settings” link on our website (often in the footer or in this policy page) which you can click to adjust your preferences. Using that, you can disable certain categories of cookies (like analytics) and our site will stop using them. Additionally, you can always clear cookies from your browser (see next section on managing cookies manually).

Note: If you are not in a jurisdiction that requires an opt-in banner, you might not see one. However, we still allow any visitor to opt out of cookies as they wish, by using browser controls or contacting us.

Managing and Disabling Cookies

Browser Settings: Most web browsers allow you to control cookies through their settings preferences. You can usually find an option to clear existing cookies, block cookies from certain sites, or block all cookies. You can also set your browser to notify you when cookies are being set. Please be aware that if you disable all cookies, some parts of our Site may become inaccessible or not function correctly (particularly those marked as strictly necessary).

Here are instructions for managing cookie settings in some popular browsers (you can search online for the latest steps as they may change):

Google Chrome: Go to Settings > Privacy and security > Cookies and other site data. You can allow all, block third-party, or block all cookies, and see all cookies stored.
Mozilla Firefox: Go to Options > Privacy & Security > Cookies and Site Data. You can clear data, manage data (to remove specific cookies), and change your preferences under “Browser Privacy” by selecting Standard, Strict, or Custom (where you can block cookies).
Safari (macOS): Go to Preferences > Privacy. There you can block all cookies or manage website data to remove specific cookies. On iOS, go to Settings > Safari > Advanced > Website Data to remove cookies.
Microsoft Edge: Go to Settings > Cookies and site permissions > Manage and delete cookies and site data. You can choose to allow or block cookies and see all cookies.
Internet Explorer 11: (Though a legacy browser) Go to Internet Options > Privacy, and you can adjust the slider for cookie handling or use Advanced settings to override automatic cookie handling.

Analytics Opt-Out: For Google Analytics, Google provides an Opt-Out Browser Add-on which, once installed, prevents Google Analytics from collecting information on that browser for any site. This add-on is available at tools.google.com/dlpage/gaoptout. Note that this is provided by Google, and installing it is a choice you can make if you want to broadly opt out of GA tracking without adjusting cookie settings site by site.

Do Not Track (DNT): Some browsers have a “Do Not Track” feature that can send a signal to websites indicating you do not want to be tracked. Our Site currently does not respond differently to DNT signals, because there is not yet an industry standard on how to interpret them. However, as described here, you have control via cookie consent and browser settings to achieve a similar outcome.

Third-Party Opt-Out: If we had any advertising cookies (which we currently do not), you could also utilize broader industry opt-outs. For example, in the US, the Digital Advertising Alliance (DAA) provides an opt-out tool at optout.aboutads.info and in the EU you can visit youronlinechoices.eu to manage preferences for multiple ad networks. Again, these are more relevant if advertising cookies are in play.

Remember, if you use multiple devices or browsers, you’ll need to manage settings on each one, because preferences do not automatically carry over between browsers or devices.

Cookies Used on Our Site (Summary)

For transparency, here is a summary of cookies that may be set by our Site (this list may be updated from time to time):

Necessary Cookies:
- cookieConsentPreference (example name) – remembers your cookie consent settings. Expiration: e.g., 6–12 months.
- XSRF-TOKEN or similar – if our forms use cross-site request forgery protection, a cookie like this might be used. Expiration: session.
- (If using Cloudflare) __cfduid – used by Cloudflare for security (note: Cloudflare replaced this cookie in recent times). Expiration: ~30 days.
- If future login: session cookie named like sessionid or similar – to keep you logged in. Expiration: session or a few days if “remember me.” (Not currently in use.)
Analytics Cookies (set only if consented):
- _ga – Google Analytics ID cookie, used to distinguish usersgdpr.eu. Expiration: 2 years.
- _gid – Google Analytics, distinguishes users in the short term. Expiration: 24 hours.
- _gat – Google Analytics throttle cookie. Expiration: 1 minute.
- _ga_<container-id> – Google Analytics 4 cookie (if GA4 is used) to persist session state. Expiration: 2 years.
  (Note: If we update our analytics or use other tools, we will include them here.)
Functionality Cookies:
- Possibly a preferredLanguage or theme cookie – to store site preferences. Expiration: maybe 1 year. (Only hypothetical if we add multi-language or theme toggle.)
- If embedding YouTube: VISITOR_INFO1_LIVE, YSC – YouTube cookies for video service (VISITOR_INFO1_LIVE persists ~6 months to estimate bandwidth; YSC is session-based for tracking video views). These would load only if you play an embedded YouTube video.
- If using reCAPTCHA: __rcp or __recaptcha – Google reCAPTCHA cookies to perform bot detection. These would be considered necessary for security.
Marketing Cookies:
- None currently. (If we ever use Google Ads: cookies like IDE or test_cookie from DoubleClick; if Facebook Pixel: _fbp; etc. At present we do not set these.)

We will keep this list as accurate as possible. However, the specific names and purposes might change if our site technology changes.

Compliance with EU Law

We adhere to the EU laws regarding cookies. This means:

We obtain prior consent for any cookies that are not strictly necessarygdpr.eu.
We provide clear and detailed information about what cookies are used and why (through this policy and the consent interface)gdpr.eu.
We allow you to access our Site even if you refuse non-essential cookies (we do not treat you differently, aside from not loading those cookies)gdpr.eu. For instance, if you decline analytics cookies, you can still read all content and use all features; we just won’t measure your visit.
We make it easy for you to withdraw consent as it was to give itgdpr.eu (via our Cookie Settings interface or by contacting us).
We also keep a record of when and how users gave consent, as part of our compliance documentation (this is typically handled through the consent management tool we use).

Our approach is in line with the ePrivacy Directive (Cookie Law) and the GDPR’s transparency and consent requirements, as well as guidance from regulatory bodies. We will also monitor developments, such as the forthcoming ePrivacy Regulation, and adjust our practices accordingly.

Changes to This Cookie Policy

We may update this Cookie Policy from time to time, for example if we start using new cookies, or if regulations change, or to improve clarity. The “Last Updated” date at the end of this policy will reflect when the latest changes were made. We encourage you to review this Cookie Policy periodically.

If we make significant changes (such as adding new cookie categories that require consent), we may show an updated cookie banner to draw your attention to those changes or seek consent for new cookies. Minor changes (like corrections or rephrasing) might not trigger a new banner, but the updated policy will always be accessible on our Site.

By continuing to use our Site after changes to this policy, you acknowledge the revised policy. However, we will not reduce your rights under this policy without obtaining consent when required.

Contact Us

If you have any questions or concerns about our use of cookies, or if you need any assistance with managing your preferences, please contact us:

Email: info@surg-solutions.com
Mail: Nova Constance s.r.o. – Cookie Policy Inquiry, Sídlištní 245/18a, 165 00 Prague 6, Czech Republic.

We will be happy to explain more or help you exercise your choices regarding cookies.

For further information about how we handle personal data (including data that might be collected via cookies), please refer to our Privacy Policy.

Last Updated: October 3, 2025. This Cookie Policy is effective as of this date. We will update it as needed to stay compliant with law and reflect any changes in our cookie usage.

menu