Personal data protection principles

These personal data protection principles (hereinafter the “Principles”) determine the rules for personal data protection in the company and the general terms and conditions of coreteq ventures s.r.o., company ID number: 11932546, registered office: Na Zatlance 1908/4, Smíchov, 150 00 Prague 5. (hereinafter the “Company” or the “Controller”). The Company ensures the protection of your personal data in accordance with valid and effective legislation, which, from 25 May 2018, primarily means Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter the “GDPR”).

The Company may amend and modify the Principles at any time, by placing a revised version at the website (hereinafter the “Website”) and such change and modification/amendment will come into effect as of the date of such placement.

Controller and Its Contact Details

The Company is the Controller of the personal data in accordance with Article 4(7) of the GDPR.

Please send all communications concerning personal data protection or notifications of breaches of rights through the Controller’s e-mail address: or to the postal address: Na Zatlance 1908/4, Smíchov, 150 00 Prague 5.

The Controller has not appointed a personal data protection officer under Article 37 of the GDPR.

Personal Data that the Controller Processes

Personal data is understood to mean all information about an identified or identifiable natural person. An identifiable natural person is a natural person that can be directly or indirectly identified, in particular by reference to a certain identifier, for example name, identification number, location data, network ID or one or more special elements of the physical, physiological, genetic, mental, economic, cultural or social identity of such natural person.

In the event the Website is used, the Controller records your IP address and standard data, such as the type of your browser and links to other websites that you browsed at the Website. This information serves for monitoring and prevention of fraud, diagnosis of problems and processing of statistical data, which is anonymous and does not contain your personal data.

Purposes of Personal Data Processing

The Controller processes your personal data for the following purposes:

  • Pre-contractual negotiations;
  • Performance of contractual relationship;
  • Sending commercial communications, offers of products, services and events organised by the Controller, and performance of other marketing activities;
  • Sending of offers of employment;
  • Performance of the Controller’s statutory duties;
  • Improvements in the quality of services provided by the Controller and improvements in the use of the Website.

Processing Personal Data for Performance of Contract

In this case your personal data are processed in accordance with the provisions of Article 6(1)(letter b) of the GDPR—the provision of personal data is a necessary requirement for performance of a contract or the performance of measures taken before the conclusion of a contract at the request of a data subject. Without the provision of personal data, it is not possible for the Controller to conduct pre-contractual negotiations, conclude a contract or perform it.

Granting of Consent

One of the statutory reasons for personal data processing is the granting of your consent to personal data processing in the sense of the provisions of Article 6(1)(letter a) of the GDPR. The Controller requests the granting of consent to the processing of your personal data, in particular, when sending commercial communications and offers of goods and services;

Protection of Legitimate Interests

Your personal data can also be processed in accordance with the provisions of Article 6(1)(letter f) of the GDPR—processing is necessary for the purposes of legitimate interests pursued by the Controller or a third party.

Provision of Personal Data to Third Parties

Personal data are provided to third parties working with the Controller as a part of the provision of services and arranging marketing services. Such third parties need access to your data, so that they can perform their activities and they are obligated, when processing your personal data, to comply with the principles of personal data processing set by the GDPR. The current list of third parties is available on request.

Without your consent, the Controller will not provide your personal data to third parties other than those specified above and will not share them with any persons or unrelated companies, with the exception of the following cases:

  • Compliance with legal regulations or as a response to the requirements of legal regulations;
  • Protection of the rights and property of the Controller, its representatives, users and other persons, in particular for the purpose of enforcing their contracts, the principles and user conditions and, in urgent cases, protection of the actual security of the Controller, users of its services or any other person;
  • In connection with any merger, sale of assets of the Company, financing or acquisition of all or part of the Controller’s enterprise by another company or in the course of such process

The Controller will not hand over your personal data to a third country or international organisation without your consent, unless it is necessary for the performance of a contract between you and the Controller or unless the Controller is under such duty under the law.

Without your consent, the Controller will not provide personal data gathered using the Website to third parties for the purposes of direct marketing.

Rights of Data Subject

As a data subject whose personal data are processed, you have the rights specified below, which you may exercise at any time. They are:

  • The right to access your personal data (i.e. the right to obtain information about whether your data are processed and, if they are, you have the right to obtain access to them);
  • The right to rectification of personal data (i.e. to request rectification if you find out that the Controller is processing inaccurate and/or untruthful data);
  • The right to request an explanation (i.e. if you suspect that the processing of personal data is interfering with the protection of your personal and private life or if processing is occurring in conflict with legal regulations);
  • The right to restrict processing of personal data (i.e. the right to request a temporary restriction on the processing of your personal data);
  • The right to the erasure of personal data (i.e. in the event that your data are no longer needed for the purposes for which they were processed);
  • The right to object to processing of personal data (the Controller is obliged to prove that there is a serious, legitimate reason for processing of personal data that outweighs your interests, or rights and freedoms);
  • The right to data portability (i.e. the right to request that a third party receives your data);
  • The right to rescind your consent with personal data processing at any time; ∙ The right to make a complaint to the Office for Personal Data Protection (i.e. in the event you think your right to personal data protection was breached).

Security Measures and Sharing of Personal Data

The Controller stores your personal data in accordance with the highest security standards, through a wide range of security measures, including encryption and verification tools, in order to prevent unauthorised access, changing, publication or destruction of your personal data. Your personal data are protected by firewalls and accessible only to a limited number of persons that are obligated to keep such data secret.

Effective date: 10 September 2023
coreteq ventures s.r.o.,
coreteq ventures