1.1 This Privacy Policy (the “Policy”) sets out how Welora Digilab s.r.o. collects, processes, and protects personal data of individuals who interact with the website https://weloradigilab.com (the “Website”). This Policy has been prepared in accordance with Regulation (EU) 2016/679 (GDPR) and Act No. 110/2019 Coll. on the Processing of Personal Data of the Czech Republic (zákon č. 110/2019 Sb., o zpracování osobních údajů).
1.2 The data controller within the meaning of Article 4(7) GDPR is:
| Company | Welora Digilab s.r.o. |
|---|---|
| Address | Na Folimance 2152/21, 120 00 Praha 2, Czech Republic |
| contact@weloradigilab.com | |
| Website | https://weloradigilab.com |
1.3 This Policy applies solely to the processing of personal data carried out in connection with visits to the Website and enquiries submitted through the contact channels available on the Website. Processing of personal data in connection with the performance of service agreements is governed by the respective contracts concluded with clients.
SECTION II. CATEGORIES OF DATA AND SOURCES
2.1 In connection with the operation of the Website, the Company processes the following categories of personal data:
2.1.1 Technical information automatically recorded by the server when a page is accessed: IP address of the device, browser type and version, operating system, date, time and duration of the visit, pages viewed, and the referring URL. This data does not allow the identification of a specific individual – it is used solely to ensure the stable operation of the Website and to protect it from technical failures.
2.1.2 Data voluntarily provided by the user when contacting the Company – for example, via a contact form or email: name, email address, and the content of the message. This data is processed solely to respond to the enquiry. Such data is not collected unless the user initiates contact.
2.2 The Company does not process special categories of personal data (health information, biometric data, political opinions, or other sensitive categories). User registration and the creation of accounts on the Website are not available.
2.3 The use of cookies and similar technologies is governed by a separate document – the Cookie Policy, available on the Website.
2.4 As a rule, the Company collects personal data directly from the user. In exceptional cases – for example, where contact details are provided by a business partner or third party – the Company takes reasonable steps to inform the relevant individual of the data received and the purposes for which it is processed.
SECTION III. PURPOSES AND LEGAL BASES FOR PROCESSING
3.1 Data referred to in clause 2.1.1 is processed for the purposes of technical operation of the Website, identification and resolution of errors, and protection against unauthorised access. Processing is carried out on the basis of the Company’s legitimate interest in accordance with GDPR and does not require the user’s separate consent.
3.2 Data referred to in clause 2.1.2 is processed solely to handle and respond to the user’s incoming enquiry.
3.3 Where required by Czech or EU law, the Company may be obliged to retain or disclose certain data. Such processing is carried out to the minimum extent necessary.
3.4 The Company does not sell personal data to third parties, does not use personal data for advertising purposes, and does not apply automated profiling of users.
SECTION IV. RECIPIENTS AND INTERNATIONAL TRANSFERS
4.1 Personal data may be shared with the following categories of recipients, subject to the principle of data minimisation:
4.1.1 Data processors: providers of hosting, cloud infrastructure, and network security services, acting under a data processing agreement concluded in accordance with GDPR.
4.1.2 Professional advisors (legal, accounting, audit), bound by obligations of professional confidentiality.
4.1.3 Competent public authorities – exclusively in cases required by law or an official order.
4.2 Where data is transferred outside the European Economic Area, the Company ensures an adequate level of protection through the mechanisms provided under GDPR, including standard contractual clauses approved by the European Commission.
SECTION V. RETENTION PERIODS
5.1 Personal data is retained for the minimum period necessary to fulfil the purpose of processing, taking into account applicable statutory retention requirements.
5.2 The Company takes reasonable steps to keep processed data accurate and up to date. If a user believes that information held about them is inaccurate or outdated, they may request correction by contacting contact@weloradigilab.com.
5.3 Upon expiry of the retention period, data is either permanently deleted or irreversibly anonymised so that the data subject can no longer be identified.
SECTION VI. DATA OF MINORS
6.1 The Website is intended for business interaction and is not directed at individuals under the age of 16. The Company does not knowingly collect or process personal data of minors.
6.2 If a parent or legal guardian discovers that a child has provided personal data to the Company without their consent, they should contact contact@weloradigilab.com without delay. The Company will delete such data as soon as reasonably practicable.
SECTION VII. DATA SUBJECT RIGHTS
7.1 Users may at any time submit a request to the Company regarding their personal data. In response to such a request, the Company is obliged to: confirm whether the user’s data is being processed; provide access to that data; correct inaccurate or incomplete information; delete data where there is no longer a legal basis for retention; restrict or cease processing; and provide data in a portable format.
7.2 The Company does not charge a fee for handling such requests. Additional information may be requested to verify the identity of the requester – this is a standard measure to protect the user’s data.
7.3 Requests should be sent to contact@weloradigilab.com. The Company will respond within a reasonable timeframe, generally no later than 30 days from receipt of the request.
7.4 Users also have the right to lodge a complaint with the supervisory authority if they believe their data is being processed unlawfully:
| Authority | Úřad pro ochranu osobních údajů (ÚOOÚ) |
|---|---|
| Address | Pplk. Sochora 727/27, 170 00 Praha 7 |
| Website | www.uoou.gov.cz |
SECTION VIII. SECURITY AND FINAL PROVISIONS
8.1 The Company applies technical and organisational security measures proportionate to the risks of processing, including encryption of data transmission channels (TLS/HTTPS), access controls, infrastructure monitoring, and regular software updates. In the event of an incident likely to result in a high risk to the rights of individuals, the Company will notify affected data subjects in accordance with GDPR.
8.2 This Policy may be revised in response to changes in legislation or the technical infrastructure of the Website. The current version, including the date of the last update, is published on the Website.
8.3 For all enquiries relating to this Policy, please contact: contact@weloradigilab.com.
* This document is the primary binding version of the Privacy Policy for Welora Digilab s.r.o.
