Privacy Policy

Data Controller:

Štěpánka Hojdová

Elišky Krásnohorské 2121/13, Aš
IČO 73715964
VAT ID CZ8653121928
Email: stepanka.jovanovic@gmail.com
Phone: +420 734 852 303

Registered Entrepreneur in the Trade Register

(hereinafter referred to as the "Controller")

I. Key Definitions

The Controller operates websites, social media profiles, and other online services on the Internet (hereinafter referred to as "Services"). In the course of operating the Services, the Controller processes personal data.

Personal data refers to identifiers provided by users to the Controller that, either alone or in combination with other identifiers, can identify a specific user (natural person).

Data Subject, for the purposes of these Policies, is a user – a natural person whose data is processed by the Controller in the operation of the Services.

Processing of personal data involves individual operations or a set of operations systematically carried out in handling personal data. This includes, notably, their collection, organization, storage, retrieval, use, sorting, and disposal in databases, blocking, and other related activities. The processing of personal data by the Controller complies with applicable legislation in the field of personal data protection, particularly Regulation (EU) 2016/679 of the European Parliament and of the Council (hereinafter referred to as "GDPR") and Act No. 110/2019 Coll., on personal data processing.

Processor refers to an individual (natural or legal) authorized by the Controller to process personal data for purposes determined by the Controller.

Special categories of data are personal data revealing, for instance, the health status of data subjects, as well as data concerning racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sexual life, or sexual orientation of a natural person.

II. Purpose and Method of Personal Data Processing

1. The purpose of processing personal data is the utilization of Services provided by the Controller. The legal basis for processing personal data includes a concluded contract, order, granted consent by data subjects, or legitimate interest.

2. The Controller sends email newsletters only based on specific consent or upon meeting conditions under Act No. 480/2004 Coll., on certain information society services, for sending email messages (newsletters).

3. The Controller processes personal data to the extent provided by users and only for the aforementioned purposes (purchase of Services / conclusion of a contract or further use of Services and sending information in the form of email newsletters).

4. The Controller processes personal data by performing various tasks and operations, including storing them in a user database, modifying them upon users' requests for supplementation or modification, searching them within its database, sorting them according to individual criteria, and disposing of them after the expiry of the processing period or upon the withdrawal of consent by data subjects.

5. Special categories of data are processed by the Controller only based on the voluntary provision of such data by data subjects in the context of using the services; the Controller does not require or have any prior or any other interest in the processing of such data. The provision of such data always depends on the decision of data subjects.

6. Data subjects are informed in advance within the contractual relationship with the Controller and agree that in the event a purchased service or product includes a group online lesson or online workshop conducted through a digital platform (Zoom, etc.), the Controller is entitled to record such lesson or workshop and use it for its further purposes, including its dissemination through the internet or email within its business activities.

III. Retention Period of Personal Data

The Controller retains the provided personal data for the following periods:

  • For the duration of the contractual relationship and for the following 5 years after its termination (for possible claims or other contractual parties' claims).
  • For 5 years from the last use of the service by users.
  • Or until the withdrawal of consent or a similar action by users, revoking the possibility of processing their personal data by the Controller.

IV. Rights of Data Subjects

The Controller guarantees data subjects, in connection with the processing of personal data, the following rights based on the GDPR:

  1. Data subjects have the right to access their personal data. They also have the right to rectify and/or supplement or erase them, or they may request the restriction of the processing of their personal data, as well as the right not to be subject to automated individual decision-making (including profiling).
  2. Data subjects have the right to object to the processing of their personal data.
  3. Data subjects have the right to data portability in a structured, commonly used, and machine-readable format.
  4. Data subjects are entitled to withdraw their consent to the processing of personal data at any time. For withdrawing consent, the Controller recommends using this contact email: stepanka.jovanovic@gmail.com.
  5. Data subjects are entitled to lodge a complaint with the supervisory authority, which is the Office for Personal Data Protection (www.uoou.cz), with its registered office at Pplk. Sochora 27, 170 00 Prague 7, email: posta@uoou.cz, data box: qkbaa2n.

V. Information about Cookies

1. When using websites, the Controller uses cookies or similar technologies. Cookies are small content files used to store and receive identifiers and other information about users' devices accessing the Controller's websites.

2. The Controller uses basic (essential) technical, analytical, and marketing cookies. Technical cookies assist in viewing the websites and, if necessary, in registering for the Controller's Services. The Controller uses analytical cookies to analyze data to improve the functioning of the Controller's Services. Marketing cookies are used to track users' website preferences for targeted advertising. The Controller uses analytical and marketing cookies in collaboration with third-party tools and uses them only with the prior consent of users.

3. Users are entitled to refuse the use of cookies in the settings of their internet browser or to set the use of only certain cookies, using a special cookie management tool within the Controller's websites.

VI. Final Provisions

1. In the event that the Controller uses processors for its activities, it undertakes to entrust them with the protection of personal data to the same extent as guaranteed to data subjects under these policies.

2. The Controller does not transfer personal data outside the EU in its activities.

3. The Controller reserves the right to change them in case of changes on the part of the Controller or changes in the legal regulations in this area.

4. These Privacy Policies are effective as of August 25, 2023.


Štěpánka Hojdová