Privacy Policy

Information about the processing and protection of your personal data in accordance with GDPR and Czech Act No. 110/2019 Coll.

Effective from January 21, 2026

Introduction

CALDERON CZECH REPUBLIC s.r.o. places great emphasis on the protection of your personal data. This document informs you about what personal data we process, why we process it, how long we retain it, and what rights you have in connection with the processing.

1

Data Controller

The controller of your personal data is:

CALDERON CZECH REPUBLIC s.r.o.

Company ID: 27582787

Registered Office: Květinová 127, Svádov, 403 22 Ústí nad Labem

Office: Dlouhá 3458/2a, 400 01 Ústí nad Labem

Contact for personal data protection matters:

Email: kancelar@calderon.cz

Phone: +420 474 777 200

2

Categories of Processed Data

Depending on the purpose of processing, we may process the following categories of personal data:

Identification data:

  • First and last name
  • Company name
  • Company ID, VAT ID (for entrepreneurs)

Contact data:

  • Email address
  • Phone number
  • Postal address

Form data:

  • Content of messages from contact forms
  • Preferences and requirements (consultation topic, training requirements)
  • Number of participants, preferred format (online/offline)

Reservation data:

  • Date and time of reservation
  • Type of space (meeting room, podcast studio)
  • Reservation notes

Technical data:

  • IP address
  • Browser and device type
  • Cookies and analytics data (with consent)
3

Processing Purposes

We process your personal data for the following purposes:

Contract performance:

  • Providing ordered services
  • Communication regarding the order
  • Issuing invoices and tax documents
  • Managing reservations and the booking system

Legitimate interest:

  • Protection of our rights and legitimate interests
  • Improving our services
  • Prevention of fraud and security incidents
  • Marketing to existing customers (commercial communications)

Legal obligations:

  • Accounting and tax records
  • Archiving documents according to law

Consent:

  • Sending marketing communications (newsletter)
  • Analytics and marketing cookies
4

Legal Basis for Processing

We process personal data based on the following legal grounds:

Art. 6(1)(b) GDPR—contract performance:

Processing is necessary for the performance of a contract to which the data subject is party or for pre-contractual measures at the request of the data subject.

Art. 6(1)(c) GDPR—legal obligation:

Processing is necessary for compliance with a legal obligation to which the controller is subject (accounting and tax regulations).

Art. 6(1)(f) GDPR—legitimate interest:

Processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party.

Art. 6(1)(a) GDPR—consent:

The data subject has given consent to the processing of their personal data for one or more specific purposes.

5

Recipients of Personal Data

We may transfer your personal data to the following categories of recipients:

Processors:

  • Hosting and server services provider
  • Email services provider
  • Accountant and tax advisor
  • CRM system provider

Third parties:

  • Public authorities (based on legal obligation)
  • Google (analytics services—only with consent)
  • Meta (marketing services—only with consent)

We do not transfer personal data to third countries outside the European Economic Area, except for Google and Meta services, which have appropriate safeguards in place (standard contractual clauses).

6

Data Retention Period

We retain personal data only for the time necessary to fulfill the purpose of processing:

Data for contract performance:

  • Duration of the contractual relationship + 3 years (limitation period)

Accounting and tax documents:

  • 10 years from the end of the accounting period (according to the Accounting Act)

Contact forms:

  • 1 year from submission, if no contractual relationship arises

Space reservations:

  • 1 year from the reservation date

Marketing data (newsletter):

  • Until consent is withdrawn

Analytics cookies:

  • According to the settings of respective services (max. 2 years)
7

Your Rights

In connection with the processing of your personal data, you have the following rights:

  • Right of accessYou have the right to obtain confirmation as to whether we process your data and, if so, access to it and information about the processing.
  • Right to rectificationYou have the right to request correction of inaccurate data or completion of incomplete data.
  • Right to erasureYou have the right to request erasure of your data if they are no longer necessary for the purpose of processing or if you withdraw consent.
  • Right to restriction of processingYou have the right to request restriction of processing, e.g., if you contest the accuracy of data or raise an objection.
  • Right to data portabilityYou have the right to receive your data in a structured, commonly used format and transfer it to another controller.
  • Right to objectYou have the right to object to processing based on legitimate interest, including direct marketing.
  • Right to withdraw consentIf processing is based on consent, you have the right to withdraw this consent at any time without affecting the lawfulness of prior processing.
  • Right to lodge a complaintYou have the right to lodge a complaint with the supervisory authority—the Czech Data Protection Office (ÚOOÚ).

To exercise your rights, contact us at kancelar@calderon.cz or by phone at +420 474 777 200. We will respond to your request within 30 days.

8

Cookies and Tracking

Our website uses cookies to ensure basic functionality and—with your consent—for analytics and marketing purposes.

Detailed information about the cookies used and the option to set preferences can be found on the Cookie Information page.

We process necessary cookies based on legitimate interest (ensuring website functionality). We process analytics and marketing cookies only based on your consent.

9

Data Security

To protect your personal data, we have implemented the following technical and organizational measures:

  • Data encryption in transit (HTTPS/TLS)
  • Secure data storage
  • Access restricted to authorized persons only
  • Regular updates and security patches
  • Employee training in personal data protection
  • Contractual arrangements with processors
10

Third-Party Services

On our website, we use the following third-party services:

Google Analytics (with consent):

Google Calendar (for reservations):

  • Purpose: Managing space reservations
  • Processor: Google Ireland Limited

Meta Pixel (with consent):

11

Changes to This Policy

We may occasionally update this Privacy Policy. We will inform you of significant changes via email or announcement on the website.

We recommend regularly checking this page to stay informed about current rules for processing your data.

Last updated: January 21, 2026

Contact for Data Protection Matters

If you have questions or requests regarding the processing of your personal data, contact us:

kancelar@calderon.cz+420 474 777 200

Supervisory Authority

If you believe that the processing of your personal data violates GDPR, you have the right to lodge a complaint with the supervisory authority:

Czech Data Protection Office (ÚOOÚ)

Pplk. Sochora 27, 170 00 Prague 7

https://www.uoou.cz

Related Documents

Terms and ConditionsCookie Information