top of page

Personal data protection

The security and protection of our customers' personal data is a priority for us. Therefore, in accordance with the relevant generally binding legislation, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation on the protection of personal data and on the free movement of such data, hereinafter referred to as "GDPR"), we would like to inform you about the processing of your personal data in connection with the provision of our services.


1. Personal Data Controller

The controller of personal data is Greenometer s.r.o., ID No. 07638990, registered in the Commercial Register maintained by the Municipal Court in Prague, Section C, Insert 304555/MSPH (hereinafter referred to as the "Controller").

The Controller's contact details are: e-mail:

Personal data means any information about an identified or identifiable natural person; an identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to a specific identifier, such as a name, identification number, location data, network identifier or to one or more specific elements of the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

2. Sources and categories of personal data processed

The personal data we process on the legal basis specified in Article III. are:

  • identification data (name, surname of the contact person);

  • contact details (telephone number, e-mail address)

  • communication and interaction data (e.g. information about our mutual contact, handling of complaints and service requests). 


3. Lawful basis and purpose of the processing of personal data

We process the personal data you provide to us in the context of our business cooperation on the basis of the following legal grounds and for the following purposes

  • performance of a contract and/or performance of pre-contractual measures;

  • the fulfilment of legal obligations imposed on us by the relevant generally binding legislation (in particular Act No. 586/1992 Coll., on Income Taxes, as amended, Act No. 563/1991 Coll., on Accounting, as amended, Act No. 634/1992 Coll., on Consumer Protection, as amended, and Act No. 235/2004 Coll., on Value Added Tax, as amended);

  • legitimate interest in relation to the protection and enforcement of our potential claims;

  • consent to tailor offers and advertising to your preferences based on so-called cookies. For more information on this processing, please refer to the Cookie Policy


4. Data retention period

When handling your data, the controller respects the rules of data minimisation and keeps personal data for as long as necessary. The archiving periods result from the relevant generally binding legal regulations or from a decision of the controller to ensure the protection of legitimate interests. After the retention period has expired, the controller will delete the personal data.

  • Your personal data will be processed for a period of 5 years from the conclusion of the relevant contract to ensure the fulfilment of our contractual obligations and the legitimate interest in the protection and enforcement of our claims, if any. We will archive tax documents containing your personal data in accordance with the Value Added Tax Act for a period of 10 years.


5. Recipients of personal data (subcontractors of the controller)

The processing of personal data is carried out by the controller. In the context of the provision of our services, your personal data may be transferred to authorised entities providing certain activities forming part of our services. These entities are authorised to handle the data solely for the purpose of carrying out the activity for which they have been authorised by the controller. In this case, your consent is not required for the purposes of carrying out the processing activity, as such processing is directly permitted by law.

Subcontractors may be entities

  • Providers of IT services, including cloud storage and IT security services (e.g., Microsoft)

  • involved in the delivery of goods/services/processing of payments under a contract (e.g. Stripe)

  • providing e-commerce and other services in connection with the operation of the e-commerce,

  • providing marketing services.

Recipients are assured of a high level of security of your personal data. Where data is transferred outside the EU, rules will apply to ensure an adequate and comparable level of protection as within the EU.


6. Your rights

Under the terms of the GDPR, you have

  • the right to access your personal data, We will provide you with this information primarily through this form here,

  • the right to rectification of personal data,

  • in certain cases, the right to erasure of personal data,

  • restriction of processing,

  • the right to object to processing,

  • the right to data portability.

For matters relating to your personal data and to exercise the above rights that we process, you can contact the Data Protection Officer - Lucie Poulová ( You can also write to this e-mail in case you read this far, if you are the first we will send you a bottle of good wine.

You also have the right to lodge a complaint with the Office for Personal Data Protection (address: Pplk. Sochora 27, 170 00 Prague 7, tel.: 234 665 111, website: if you believe that your right to personal data protection has been violated, or to apply to the court.

You are not obliged to provide us with your personal data, however, without providing the necessary personal data necessary for your proper identification as a contracting party, it is not possible to conclude the contract and ensure its performance.


7. Personal Data Security Terms and Conditions

The Controller declares that

  • has taken all appropriate technical and organisational measures to safeguard personal data,

  • only persons authorised by the controller have access to the personal data.


8. Final Provisions

  • By submitting an order from the online order form, you confirm that you are aware of the terms of the privacy policy and that you accept it in its entirety.

  • The controller is entitled to change these terms and conditions. It will publish the new version of the privacy policy on its website.


Date of update: 18.08.2023.

bottom of page