Privacy Policy

I. Preamble

1. These rules for the protection and processing of personal data (hereinafter the “Policy”) describe which personal data of Users – i.e. any natural person who visits the website, uses it, or creates a user account on it (hereinafter the “Data Subject”) – are processed in the course of the activities of Potěšit oči, z. s., ID No. 23816864, registered office: Mikoláše Alše 913/91, 798 11 Prostějov – Vrahovice, registered in the public register maintained by the Regional Court in Brno, Section L, File No. 31556 (hereinafter the “Controller”).

2. This Policy defines the types of personal data we collect and process when you use our services, as well as the ways in which your personal data are used, shared and protected. It also explains the options available to you in relation to your personal data and how you can contact us. We hereby inform you below about the processing of your personal data and about your rights in accordance with Article 12 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (hereinafter the “GDPR”).

3. Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

II. Processors and Recipients of Personal Data

1. The Controller is entitled to disclose personal data to entities with whom it has concluded a personal data processing agreement and who process personal data for the Controller as its processors.

2. Personal data of the Data Subject may also be disclosed to the following recipients/categories of recipients:

  • the Controller’s suppliers;
  • the Controller’s employees;
  • persons in another contractual relationship with the Controller (e.g. providers of marketing and advertising services, law firms, cooperating tax advisers);
  • financial institutions and insurance companies;
  • public authorities, where required for the fulfilment of statutory obligations imposed by applicable legal regulations.

III. Categories of Personal Data Processed

1. The Controller is entitled to process in particular the following personal data of the Data Subject:

  • address and identification data necessary for the clear and unequivocal identification of the Data Subject (e.g. name, surname, academic title, date of birth, personal identification number if applicable, permanent residence address, business address, mailing address, ID number, VAT number) and contact details allowing communication with the Data Subject (e.g. contact address, telephone number, fax number, e-mail address and similar information);
  • identity document details, such as ID card or passport number, authority issuing the document, document validity period, and, where applicable, a copy of the identity document;
  • descriptive and financial information (e.g. bank account details, payment information or credit card information);
  • data provided beyond statutory requirements and processed on the basis of the Data Subject’s consent (e.g. use of personal data for recruitment purposes, use for promotional purposes and similar);
  • personal settings (preferences), including marketing preferences and cookie preferences of the Data Subject;
  • other data necessary for the performance of a contract;
  • any other personal data that the Data Subject has provided to the Controller.

IV. Purposes and Legal Basis for Processing Personal Data

1. The Controller processes the personal data of the Data Subject for the following purposes:

  • a) performance of a contract, pursuant to Article 6(1)(b) GDPR;
  • b) compliance with a legal obligation of the Controller imposed by applicable legal regulations, pursuant to Article 6(1)(c) GDPR (e.g. the Controller’s obligation to retain accounting and tax documents);
  • c) establishment, exercise or defence of the Controller’s legal claims, pursuant to Article 6(1)(f) GDPR;
  • d) sending commercial communications, based on Article 6(1)(f) GDPR, due to the Controller’s legitimate interest consisting of direct marketing;
  • e) other marketing purposes of the Controller related to the offering of products and services; sending information about organised events, products, services and other activities (e.g. newsletters, telemarketing); contacting Data Subjects for market research and marketing surveys; contacting them with Christmas, Easter or other holiday greetings and for sending discount vouchers, gifts, etc., based on the Data Subject’s consent pursuant to Article 6(1)(a) GDPR.

V. Period for Processing Personal Data

1. Personal data shall be processed only for the period necessary with regard to the purpose for which they are processed. In light of the above:

  • for the purpose under letter a) above, personal data shall be processed until the termination of obligations arising from the contract (this does not affect the Controller’s ability to subsequently process such data – to the necessary extent – for the purposes under letters b), c), d) and/or e) above);
  • for the purpose under letter b) above, personal data shall be processed for the duration of the relevant legal obligation of the Controller;
  • for the purpose under letter c) above, personal data shall be processed until the end of the fourth calendar year following the expiry of any warranty period agreed under the contract (if a warranty for quality has been agreed), but at least until the end of the fifth calendar year following the termination of contractual obligations;
  • if judicial, administrative or other proceedings are initiated and ongoing in which the rights or obligations of the Controller in relation to the Data Subject are addressed, the period of processing for the purpose under letter c) above shall not end before the conclusion of such proceedings;
  • for the purpose of sending commercial communications under letter d) above, personal data shall be processed until the Data Subject expresses their objection to such processing;
  • for the purposes under letter e) above, personal data shall be processed for the period for which the Data Subject has granted consent to the Controller pursuant to the separately agreed consent to personal data processing. In such cases, the Data Subject acknowledges that prior to the expiry of this period, the Controller may contact them for the purpose of renewing their consent.

2. No later than by the end of the calendar quarter following the expiry of the processing period, the relevant personal data for which the purpose of processing has ceased shall be destroyed (shredded or eliminated by another method ensuring that unauthorised persons cannot access the personal data) or anonymised.

VI. Method of Processing Personal Data

1. Personal data are processed by the Controller. Processing is carried out at the Controller’s registered office by the Controller’s authorised employees or by processors. The Controller may collect or obtain personal data through its website at the e-mail address info@potesitoci.cz, through forms, electronic or telephone communication, personal meetings, or by other means. Processing takes place using computer technology, or manually in the case of personal data in paper form, subject to compliance with all security principles for the management and processing of personal data. For this purpose, the Controller has adopted technical and organisational measures to ensure the protection of personal data, in particular measures preventing unauthorised or accidental access to personal data, their alteration, destruction or loss, unauthorised transfers, unauthorised processing, as well as any other misuse of personal data. All entities to whom personal data may be disclosed respect the Data Subjects’ right to privacy and are obliged to act in accordance with applicable personal data protection legislation.

2. No automated individual decision-making or profiling based on the provided data shall be carried out. Personal data of Data Subjects shall not be transferred to third countries.

VII. Processing of Personal Data – Principles

1. The Controller, the Controller’s suppliers, employees and persons in another contractual relationship with the Controller always follow the principles below when handling personal data:

  • personal data shall be processed fairly and in accordance with applicable legal regulations;
  • personal data shall be collected, processed and used only to the extent necessary for purposes consistent with the purpose of personal data processing;
  • personal data shall be accurate and up to date. Any inaccuracy shall be corrected as soon as the Controller becomes aware of it;
  • personal data shall be processed only for as long as necessary in view of the purpose of the processing;
  • due regard shall always be paid to respecting the rights of Data Subjects;
  • appropriate technical and organisational measures shall be taken to prevent unauthorised or unlawful disclosure of personal data. All personal data stored on computers are, and will continue to be, stored on password-protected devices accessible only to authorised persons. Offices are locked outside working hours and may be accessed only by authorised staff.

VIII. Information Provided to Data Subjects under the GDPR

1. In connection with the processing of their personal data, Data Subjects have a number of rights, including the right to request from the Controller:

  • access to their personal data (under Article 15 GDPR);
  • rectification or erasure of personal data (under Articles 16 or 17 GDPR);
  • restriction of processing (under Article 18 GDPR);
  • the right to object to the processing of personal data (under Article 21 GDPR);
  • the right to data portability (under Article 20 GDPR);
  • the right to obtain confirmation from the Controller as to which personal data concerning them are being processed, for what purposes and to whom they may be disclosed;
  • the right to raise objections to the processing of personal data;
  • the right to request correction or supplementation of personal data;
  • the right to withdraw consent to personal data processing, either in writing or electronically, using the address or e-mail of the Controller specified in this Policy.

2. If the Data Subject discovers or believes that their personal data are being processed in a manner that infringes their right to privacy or is contrary to legal regulations, they have the right to contact the Controller with a request for an explanation and/or for the rectification of the situation. The request must be submitted in writing by sending a letter to the Controller’s address: Mikoláše Alše 913/91, 798 11 Prostějov – Vrahovice, or via e-mail to: info@potesitoci.cz.

3. If the Data Subject’s request is found to be justified, the Controller shall promptly remedy the defective state. This does not affect the Data Subject’s right to contact the supervisory authority directly:
Office for Personal Data Protection,
Pplk. Sochora 27, 170 00 Prague 7, Czech Republic,
+420 234 665 555,
www.uoou.cz.

IX. Cookies and Similar Technologies

1. On its website, the Controller uses only so-called technical (necessary) cookies and similar technologies which are required for the proper functioning of the website, to ensure its security, to load fonts, or to store user settings (for example, information that the cookie information bar has been hidden). These cookies do not enable the Controller to identify a specific user.

2. The Controller does not use cookies for analytical, marketing or tracking purposes and does not carry out profiling of website visitors.

3. The website uses font-loading services provided by Google Ireland Limited and Adobe Systems Software Ireland Limited (Google Fonts, Adobe Fonts). When a font is loaded, the provider may process technical data relating to the device and browser, in particular the IP address and browser settings, for the purpose of delivering the requested font. Such processing is carried out on the basis of the Controller’s legitimate interest in ensuring a consistent and aesthetically pleasing display of the website.

4. Users can configure their internet browser to limit or delete cookies. Given that the Controller uses only technical cookies necessary for the functioning of the website, such limitations may affect the correct display or functionality of the website.

Privacy Policy dated 17.122025.

  • Life without love is meaningless.
    Love is the water of life.
    Drink it to the last drop
    with your heart and soul.
    RÚMÍ

  • We are
    children of the sun

Photo: Janka Kohoutková, Petr Řezníček, Martina Chudějová and friends

Potěšit oči, z. s., Company ID No.: 23816864
registered office: Mikoláše Alše 913/91, 798 11 Prostějov – Vrahovice
registered in the Associations Register kept by the Regional Court in Brno, Section L, File No. 31556
info@potesitoci.cz     +420 704 882 111

All photographs on this website are protected by copyright. Any downloading, copying, distribution, or other use without prior consent is prohibited.

Privacy policy  •  Terms and conditions

© 2025 www.potesitoci.cz. | Webdesign: Website creation Vyškov - IR-webdesign