DATA21's privacy policy

We are, trademark of Colorbee s.r.o., a company incorporated under the law of the Czech Republic with its registered office at Veleslavínská 48/39, Prague, the Czech Republic, ID 27914950 (the "Company" or "we"), registered in the Commercial register maintained by the Municipal Court in Prague, file C.126204.

This Privacy Policy explains how we collect, use, process, disclose and secure information and personal data we obtain from and about our clients, from anybody who visits our website ("Website"). It also tells you about your rights and choices with respect to your information, and how you can contact us if you have any questions or concerns. The processing of your personal data is regulated by the European General Data Protection Regulation (GDPR).

Data controller

The Controller, i.e. the entity deciding about the purposes and means of processing personal data is Colorbee, s.r.o. with registered office in Prague at Veleslavínská 48/39. For matters relating to the processing of your personal data, you can also contact us by email at the following email address:

Data recipients

In connection with its operations, DATA21 will disclose your personal data to the following entities:

  • state authorities or other entities authorized under the law - if this is necessary for the implementation of legal obligations,
  • entities supporting us in our activities on our behalf, in particular: suppliers of external ICT systems supporting our activities, subcontractors, entities auditing our activities or experts, whereby such entities will process data on the basis of a contract with the Controller and only in accordance with his instructions,
  • entities providing accounting, HR or legal services - to the extent necessary to ensure performance of legal obligations or to establish, pursue and defend claims,
  • companies that dispose of or archive documents and other media - to the extent that data are stored in hard copy or on such media,
  • courier and postal service providers - in case of correspondence,
  • the organization’s customers - if necessary to serve them,
  • banks, insurance companies, and other financial and payment institutions - when settlement is required,
  • companies that provide security services, access control and monitoring of the use of work tools,
  • companies that conduct marketing activities,
  • training providers.

Rights with respect to data processing

Every person whose data are processed by the Controller has the right to:

  • access their personal data,
  • rectify their personal data,
  • have their personal data deleted,
  • restrict the processing of their personal data,
  • object to the processing of your personal data (pursuant to Article 21(1) of the GDPR, when submitting an objection, you should indicate the reasons for the objection related to your specific situation),
  • transfer their personal data.

We make sure the processing of all personal data is done properly and safely. You can exercise the rights guaranteed to you in this section at the data controller by e‑mail.

If you wish to exercise your rights, contact us via e‑mail

Voluntary provision of data

Provision of data is necessary for the conclusion of contracts and settlement of business operations and for the fulfillment of legal requirements by the Controller. In the remaining scope (in particular, in order for the Controller to process data for marketing purposes), provision of data is voluntary.

We process your personal data, if:

  • You are our client.
  • We communicate with you.
  • You would like to be a part of our team.
  • You visit our Website.

If you are our client, we may process these data of yours:

  • Last name, surname;
  • Name of your employer;
  • ID, tax ID, number of your bank account;
  • Address;
  • E-mail and telephone number;
  • Our communication;
  • Information and documents provided during our business relationship;
  • Your rating of our services;

Legal Basis and Purposes for Your Personal Data Processing

We are entitled to process your personal data only where:

  • we need to process your data to comply with a legal obligations;
  • it satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote our services, and to protect our legal rights and interests;
  • you give us consent to do so for a specific purpose;
  • it's necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.

Data transfer to third countries or international organizations

The data will be processed in the European Economic Area, i.e. as a general rule we do not transfer data to third countries. However, a transfer to a third country may occur in specific situations, in particular when the transfer is necessary for the performance of a contract between the data subject and the controller or the implementation of pre-contractual measures taken at the request of the data subject, as well as when the transfer is necessary for the conclusion or performance of a contract concluded in the interest of the data subject between the controller and another natural or legal person.