Privacy Policy

In accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as "GDPR"

1) Identity and contact details of the controller

The controller of personal data of natural persons (hereinafter referred to as "data subject"), processed in connection with the provision of services and other content (e.g., in the form of videos, texts, and accompanying materials) offered through the website https://www.pekpavel.com (hereinafter referred to as "Website"), is:

Pavel Pek

ID: 14165937

Address: Kurzova 2222/16, 155 00, Prague 5 - Stodulky, Czech Republic

hereinafter referred to as "Controller"

Controller's contact details:

  • Email: svobodaodocd@gmail.com
  • Phone: +420 731 825 509

2) Data Protection Officer

The Controller has not appointed a Data Protection Officer.

3) Legal basis for processing

The legal basis for processing personal data when providing services by the Controller is:

  • Performance of a contract between you and the Controller pursuant to Art. 6(1)(b) GDPR (if you agree to use the Controller's services), also during possible registration on the Website (creating a user account) and during possible participation in a loyalty or similar program
  • Compliance with a legal obligation to which the Controller is subject, pursuant to Art. 6(1)(c) GDPR - for the fulfillment of public law obligations (especially tax and accounting regulations), particularly in the case of financial performance arising from the contract
  • Legitimate interest of the Controller pursuant to Art. 6(1)(f) GDPR in the case of sending commercial communications (especially emailing and informational articles) and in the case of profiling and analysis of customer behavior data when visiting the Website; the Controller's legitimate interest in this case is the implementation of direct marketing
  • Consent pursuant to Art. 6(1)(a) GDPR, if given by you for the use of analytical, statistical and/or marketing cookies

4) Purposes of processing for which personal data are intended

  • In case of ordering services from the Controller, your personal data are processed for the purpose of processing the order (providing service and/or content ordered by the data subject from the Controller) and implementing other rights and obligations arising from the contractual relationship.
  • In case of registration on the Website (creating a user account), your personal data are processed for the purpose of providing user account management service.
  • In case of registration in a loyalty/other program, your personal data are processed for the purpose of enabling participation in the loyalty program and using the relevant benefits (discounts, etc.)
  • In case of consent to receive commercial communications, personal data are also processed for the purpose of sending commercial communications.
  • In case of granting the relevant consent on the cookie banner, also for the purpose of profiling and analysis of customer behavior data using non-technical Cookies.
  • Always also for the purposes of securing the Website and protecting the Website and your personal data against misuse.

5) Recipients of personal data

Recipients of personal data are:

  • • The Controller and natural and legal persons involved in its operation
  • - persons involved in delivering goods or services ordered on the Website
  • - persons involved in processing payments based on contracts concluded through the Website
  • - persons providing marketing services
  • - persons providing Website operation services

Specifically, these include:

  • • Stripe, Inc. – payment gateway
  • • WooCommerce – Website functionality
  • • PayPal – alternative payment method
  • • LearnDash – e-learning platform
  • • WordPress – content management system
  • • SiteGround – hosting and domain provider
  • • Elementor – visual Website editor
  • • PrestoPlayer Pro – video player
  • • other IT service providers
  • • accountant

6) Intention to transfer personal data to a third country or international organization

The Controller does not intend to transfer personal data to a third country or international organization.

7) Period for which personal data will be stored

  • In case of ordering services and/or content from the Controller, your personal data are stored (processed) for the period necessary to implement rights and obligations from the contractual relationship.
  • In case of commercial communications, registration on the Website, and loyalty programs, your personal data are stored until consent is withdrawn/registration or account is cancelled.
  • In case of loyalty programs/discount promotions, only for the duration of the relevant program/promotion.
  • In case of data obtained only through Cookies, for the necessary period, but no longer than 12 months from their collection or consent, or until your consent is withdrawn.

8) Your rights

If the Controller processes your personal data, you have the right to:

  • • confirmation of whether personal data concerning you are being processed, pursuant to Art. 15 GDPR,
  • • access to your personal data pursuant to Art. 15 GDPR,
  • • rectification of inaccurate and completion of incomplete personal data pursuant to Art. 16 GDPR,
  • • erasure of personal data pursuant to Art. 17 GDPR,
  • • restriction of processing pursuant to Art. 18 GDPR,
  • • object to processing pursuant to Art. 21 GDPR,
  • • data portability pursuant to Art. 20 GDPR,
  • • lodge a complaint with the Data Protection Authority if you believe your right to personal data protection has been violated,
  • • not be subject to any decision based solely on automated processing, including profiling, which would have legal effects concerning you or similarly significantly affect you.

9) Sending commercial communications

The Controller is entitled to process customers' personal data, especially email addresses, under the conditions stated in point 3 of these Terms, also based on the legal basis of the Controller's legitimate interests pursuant to Art. 6(1)(f) GDPR for direct marketing purposes (sending commercial communications).

You can exclude this processing when submitting an order, and you also have the right to object to this processing at any time free of charge via email at svobodaodocd@gmail.com or by other appropriate means.

If you raise this objection against the processing of your personal data for direct marketing purposes, your relevant personal data will no longer be processed by the Controller for these purposes.

10) Requirement to provide personal data

Providing personal data to the extent marked by the Controller as necessary (e.g., with *), typically in the relevant form (order, registration), is a contractual requirement. If you wish to receive the ordered service or content, it is necessary to provide this personal data, as it is the minimum without which the Controller cannot provide the service.

When ordering services from the Controller, registering for a user account on the Website, or registering for a loyalty program, you are obliged to provide all data correctly and truthfully. Data must be current and updated when changed.

11) Categories of personal data processed

The Controller processes your:

  • name and surname – for client identification purposes
  • email address – for communication with the Controller and access to ordered service/content
  • phone number – for communication with the Controller and customer support
  • password – for logging into user account (stored securely via WordPress)
  • residential address – only if voluntarily provided by the data subject
  • age / year of birth – only if voluntarily provided by the data subject
  • IP address / VPN – collected automatically by plugins or hosting for security and data analysis
  • gender – only if voluntarily provided by the data subject
  • browser type and version, device type from which the data subject visits the Website, and operating system
  • referrer URL (http) (source from which the data subject came)
  • website behavior information (e.g., pages visited, time spent, clicks – collected by Google Analytics, PrestoPlayer, LearnDash Reporting)
  • • and all personal data voluntarily provided when filling out any form or document on the Website or when communicating with the Controller

12) Cookies

The Controller also monitors or directs visitor behavior on the Website using cookies – data files that are stored in the browser of the device when a visitor enters a website and which collect information (hereinafter referred to as "Cookies"). Processing of Cookies is processing of personal data.

The Controller uses "technical" (or "strictly necessary") Cookies that are essential for the operation and functioning of the Website, ensuring availability and security of the Website, for providing services through it, and for fulfilling obligations under legal regulations. Therefore, these are stored in your browser even without your consent and their storage cannot be rejected through the cookie banner.

The Controller also uses "non-technical cookies" (especially analytical, statistical, and marketing), which are stored on your devices only based on your consent, which you can grant through the cookie banner when entering the Website.

13) Source of personal data

The Controller always obtains relevant personal data directly from the data subjects themselves, from:

  • • orders
  • • consents to receive commercial communications (e.g., newsletter subscription)
  • • registration form for Website registration (creating a customer account)
  • • registration form for loyalty program or similar promotion
  • • contract withdrawal
  • • email messages
  • • contact form

14) Automated individual decision-making

The Controller does not perform automated individual decision-making within the meaning of Art. 22 GDPR.

Back to homepage