GDPR

Privacy Policy

I. Basic Provisions

The data controller, pursuant to Article 4(7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”), is ENADATA Group s.r.o., Company ID: 07545851, with registered office at Malá Dlážka 2895/14, Přerov I-Město, 75002 Přerov (hereinafter referred to as the “Controller”).

Contact details of the Controller:

  • Address: Malá Dlážka 2895/14, Přerov I-Město, 75002 Přerov
  • Email: info@enadata.cz
  • Phone: +420 737 164 334

Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, network identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

The Controller has not appointed a Data Protection Officer.

II. Sources and Categories of Personal Data Processed

The Controller processes personal data that you have provided or that the Controller has obtained in connection with fulfilling your order.

The Controller processes your identification and contact details, as well as data necessary to fulfill the contract.

III. Legal Basis and Purpose  Personal Data Processing

The legal basis for processing personal data is:

  • Performance of a contract between you and the Controller under Article 6(1)(b) GDPR;
  • Legitimate interest of the Controller in providing direct marketing (including sending business communications and newsletters) under Article 6(1)(f) GDPR;
  • Your consent to processing for the purposes of direct marketing (including sending business communications and newsletters) under Article 6(1)(a) GDPR in conjunction with Section 7(2) of Act No. 480/2004 Coll., on certain information society services, if no goods or services were ordered.

The purpose of processing personal data is:

  • To process your order and exercise the rights and obligations arising from the contractual relationship between you and the Controller. Personal data required to complete the order (name, address, contact details) must be provided, as without them the contract cannot be concluded or performed.
  • To send business communications and conduct other marketing activities.

The Controller does not perform automated individual decision-making under Article 22 GDPR. Such processing is carried out only with your explicit consent.

IV. Retention Period

The Controller retains personal data:

  • For the duration necessary to exercise rights and obligations arising from the contractual relationship between you and the Controller and to enforce claims under these contractual relationships (for 15 years after the termination of the contractual relationship).
  • Until consent for marketing purposes is withdrawn, but no longer than 15 years if the data is processed based on consent.

After the retention period, the Controller will delete the personal data.

V. Recipients of Personal Data (Subcontractors of the Controller)

Recipients of personal data include:

  • Parties involved in delivering goods/services or processing payments under a contract;
  • Parties involved in maintaining service operations;
  • Providers of marketing services.

The Controller does not intend to transfer personal data to third countries (outside the EU) or international organizations. Recipients in third countries include providers of mailing or cloud services.

VI. Your Rights

Under GDPR, you have the right to:

  • Access your personal data (Article 15 GDPR);
  • Rectify your personal data (Article 16 GDPR) or restrict processing (Article 18 GDPR);
  • Erase your personal data (Article 17 GDPR);
  • Object to processing (Article 21 GDPR);
  • Data portability (Article 20 GDPR);
  • Withdraw consent to processing at any time in writing or electronically at the Controller’s address or email provided above.

You also have the right to file a complaint with the Office for Personal Data Protection if you believe your rights have been violated

VII. Security of Personal Data

The Controller declares that all appropriate technical and organizational measures have been implemented to secure personal data.

Technical measures include securing data storage, including paper records, through strong passwords and two-factor authentication. Only authorized personnel have access to personal data.

VIII. Final Provisions

By submitting an order through the online order form, you confirm that you have read and fully accept these Privacy Policy terms.

You agree to these terms by checking the consent box in the online form.

The Controller reserves the right to amend these terms. A new version will be published on the website or sent to the email address you have provided.

These terms take effect on January 1, 2026.

+420 777 555 831
Business Intelligence solutionsAbout Enadata
info@enadata.cz
AI implementationHow we work
Malá Dlážka 14, 750 02 Přerov, ČR
Automation of data processesContacts
Custom applicationsCase studies
Social Media
Made by Expirio
GDPR