GDPR INFORMATION – Striveonlab s.r.o.

Striveonlab s.r.o., with registered office at Rybná 716/24, Staré Město, 11000 Prague 1, Company ID: 23010118 (hereinafter referred to as the “Controller”), guarantees the safety and protection of entrusted personal data in full compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data (hereinafter “GDPR”) and Act No. 110/2019 Coll. on the processing of personal data, as amended.

COOKIES

When using the website striveonlab.com, cookies (small files that enable tracking of user activity on websites) may be stored on the electronic device through which the user accesses the website. The conditions for storing and processing cookies are as follows:

The user always has the option to express consent or refuse the storage of cookies by configuring their web browser – by allowing or disallowing cookies.

If consent is granted (cookies are allowed), the following may be stored on the user’s electronic device:

– Temporary cookies, which are automatically deleted when the user’s internet browser is closed.

– Persistent cookies, which remain stored in the user’s internet browser even after the device used to access striveonlab.com is turned off (these cookies can be deleted at any time and are automatically deleted after several weeks or months).

By granting consent, the user also allows the Controller to use cookies for its own record-keeping or statistical purposes, as well as for targeted advertising by partners with whom the Controller has specific agreements for displaying advertisements on the website. The user’s consent remains valid for as long as the settings of their internet browser remain unchanged. If browser settings are changed or the use of cookies is disabled, the consent is revoked.

The Controller is not responsible for the storage of cookies on third-party websites or for the use of cookies stored on the user’s device by third parties.

If the user refuses consent (disables cookies in the browser), the Controller cannot guarantee the full functionality of the striveonlab.com website, particularly the ability to log in to the member section.

WEBSITE SECURITY

The website striveonlab.com uses SSL encrypted connections whenever users connect or transmit any data. This encryption prevents third parties from accessing or modifying data transmitted over the internet. The Controller’s databases containing personal data are protected with encryption and non-public login credentials, in accordance with the latest technical standards.

USER CONTACT BASED ON REQUEST

When visiting and using the striveonlab.com website, users may contact the Controller and voluntarily provide personal data for the purpose of being contacted back.

Providing personal data is voluntary. The legal basis for processing such data is the Controller’s legitimate interest in contacting the user and providing answers or support.

Personal data the user may provide includes:

– Full name [required]

– Email address [required]

– Phone number [required]

– Company (workplace/employer)

PURPOSE: To contact the user in response to their request.

DURATION OF PROCESSING: Personal data will be processed only for the necessary duration of the communication with the user.

ACCURACY: By voluntarily providing personal data, the user confirms that the data provided is accurate, truthful, and up to date.

CONTRACT FULFILLMENT

To prepare, conclude, and fulfill a contract, we process your personal data for the time necessary to handle your order. After this period, your data is retained based on the Controller’s legitimate interest to protect legal claims and maintain internal records and control, for the duration of the statutory limitation period (3 years) and one additional year due to potential claims raised at the end of the limitation period.

If legal, administrative, or other proceedings begin, your data will be processed for the entire duration of such proceedings and the remaining limitation period after their conclusion. Our legitimate interests for such processing include the protection of legal claims and verification of proper service delivery.

For the purposes of fulfilling legal obligations, personal data is processed for 10 years. Personal data processed for contract fulfillment includes data provided to the Controller for that purpose (e.g., name, surname, permanent residence address, date of birth).

AUDIO AND VISUAL RECORDINGS

For the purpose of publishing audio or audiovisual recordings and images from our training sessions, we may process personal data such as your voice and likeness, but only with your explicit consent. This consent is obtained separately during training registration or before the training begins. Such data is stored for up to 3 years, unless the consent is withdrawn earlier or you exercise one of the rights mentioned below. The purpose of this processing is to present and market our company.

JOB APPLICANTS

Through our website, you may send us your CV, which may result in being selected and employed by our company. To process the personal data contained in your CV, we also require your consent. Without such consent, we are unable to review your CV, and we will not be aware of your job application.

We process the personal data provided in your CV, primarily your name, surname, phone number, and email address. This data is retained for a period of 1 year for the purpose of evaluating job applications.

NEWSLETTER

While visiting and using the striveonlab.com website, users may voluntarily provide their personal data for the purpose of receiving direct marketing content – newsletters. Personal data may be submitted during newsletter registration using an identifiable email address or by filling out a contact form linked to selected website content.

Providing personal data for this purpose is voluntary. If the user is not a customer of the Controller, the legal basis for processing is the user’s consent. In this case, consent is the only legal ground for processing the email address for sending newsletters.

If the user is an existing customer, the Controller may send direct marketing messages related to services similar to those already ordered. The legal basis for such processing is the Controller’s legitimate interest, based on the assumption that such offers are relevant to the customer. The customer may opt out of receiving such messages at any time via the unsubscribe link or by contacting us at office@striveonlab.com.

CONSENT DURATION: Consent becomes valid upon checking the appropriate box in the online form and remains valid for 2 years or until withdrawn.

LEGITIMATE INTEREST DURATION: Personal data is processed for marketing purposes based on legitimate interest for 2 years from the last order or until objection.

PURPOSE: To enable the user to receive requested newsletters or information about similar goods and services.

SCOPE OF DATA: Name, surname, and email address.

ACCURACY: The user is obligated to notify the Controller of any changes to their personal data. The Controller may request the user to verify or update their data to ensure accuracy.

RIGHTS OF THE DATA SUBJECT

If you have provided us with your personal data, you become a data subject under the GDPR. As a data subject, you may exercise the following rights:

• Right of access – You may request confirmation of whether your personal data is being processed. If it is, you can request access to the data, along with information about the purpose of processing, categories of data, recipients, retention periods, sources of data, and any automated decision-making, including profiling.
• Right to rectification – If your data is incorrect or incomplete, you may request correction or completion without undue delay.
• Right to erasure – You may request the deletion of your personal data if it is no longer needed, if you withdraw your consent, object to processing, if it was processed unlawfully, or to comply with legal obligations.
• Right to restriction of processing – You may request restriction of processing, for example, if the accuracy of your data is contested or processing is unlawful and you oppose erasure.
• Right to data portability – You may request your data in a structured, commonly used, and machine-readable format to transfer to another controller, if processing is based on consent or contract and carried out by automated means.
• Right to object – You may object to the processing of your data based on legitimate interest or for direct marketing.
• Right to withdraw consent – You may withdraw your consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.
• Right not to be subject to automated decision-making – You have the right not to be subject to decisions based solely on automated processing, including profiling, unless required for a contract, based on law, or with your explicit consent.
• Right to lodge a complaint – You have the right to file a complaint with the relevant data protection authority if you believe your rights have been violated.

Your personal data may also be accessed by third parties. These may include providers of accounting services, IT services, newsletter services, cookie service providers, or other parties authorized by the Controller for marketing-related processing.