Menu
Domů Zásady ochrany osobních údajů EN

Privacy Policy

  1. Who We Are and What This Is About
    1. The data controller within the meaning of Article 4(7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as “GDPR”) is Brno for you, z. s., Company ID: 03376010 (hereinafter referred to as the “Controller”).
    2. Controller’s contact details:

      Address: Nové sady 988/2, Staré Brno, 602 00 Brno, Czech Republic

      Email: info@brnoforyou.cz
    3. Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
  2. What Personal Data We Process
    1. The Controller processes personal data you have provided, for example, when communicating with us or when subscribing to our newsletter. Specifically, we may process the following categories of personal data:

      • Identification and address data

      • Electronic contact information

      • Other electronic data

      • Additional personal data

  3. Legal Basis for Processing Your Personal Data
    1. All personal data is collected and processed by the Controller lawfully. We process personal data on the following legal grounds:

      • Based on your consent (e.g. when you voluntarily subscribe to our newsletter)

      • To comply with legal obligations (e.g. in the event of supervision by a regulatory authority)

      • Based on our legitimate interests (e.g. when you express interest in opportunities published on our website, in order to contact you with participation options)

  4. Legal Basis and Purpose of Personal Data Processing

    1. The legal basis for processing your personal data is:

      1. the Controller’s legitimate interest in providing direct marketing (especially for sending commercial communications and newsletters) in accordance with Article 6(1)(f) of the GDPR,
      2. your consent to the processing of personal data for the purposes of direct marketing (especially for sending commercial communications and newsletters), in accordance with Article 6(1)(a) of the GDPR in conjunction with Section 7(2) of Act No. 480/2004 Coll., on Certain Information Society Services, if no goods or services have been ordered.
    2. The purpose of processing personal data is to send commercial communications and conduct other marketing activities.
    3. The Controller does not use automated individual decision-making within the meaning of Article 22 of the GDPR. Such processing is carried out only if you have given your explicit consent.

  5. How Long We Retain Personal Data

    1. The Controller retains personal data until you withdraw your consent to processing for marketing purposes, but no longer than 5 years, if the data is processed on the basis of your consent.
    2. Once the retention period expires, the Controller will delete the personal data.

  6. Recipients of Personal Data (Controller’s Subcontractors)

    1. Recipients of personal data include persons who:
      • participate in ensuring the operation of our services,
      • provide marketing services.
    2. The Controller may transfer personal data to third countries (outside the EU) or international organizations under a written agreement. Recipients of such data in third countries may include providers of email or cloud services.
  7. Your Rights
    1. Under the conditions set by the GDPR, you have the right to:
      • access your personal data (Article 15 GDPR),

      • rectify your personal data (Article 16 GDPR), or restrict processing (Article 18 GDPR),

      • erase your personal data (Article 17 GDPR),

      • object to processing (Article 21 GDPR),

      • data portability (Article 20 GDPR),

      • withdraw your consent to processing at any time, in writing or electronically, via the contact details listed in Section III of this policy.

    2. You also have the right to lodge a complaint with the Data Protection Authority if you believe that your data protection rights have been violated.

  8. What Measures We Have Taken to Protect Your Data

    1. The Controller declares that all appropriate technical and organizational measures have been taken to ensure the security of personal data.
    2. The Controller has implemented technical measures to secure both electronic data storage and physical (paper-based) personal data, including but not limited to regular data backups, the use of a secure HTTPS protocol, antivirus software updates, and other standard IT security practices.

    3. The Controller also declares that access to personal data is granted only to authorized and trained individuals who are bound by confidentiality agreements with the Controller.

  9. Final Provisions
    1. By checking the consent box via the online form, you agree to these terms. By giving your consent, you confirm that you have read, understood, and fully accept the terms of this privacy policy.
    2. The Controller reserves the right to amend this policy in writing. Any updated version of the privacy policy will be published on the Controller’s website or sent to the email address you have provided to the Controller.