Privacy Policy.

I. General Provisions

The controller of personal data pursuant to Article 4(7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the “GDPR”) is Anytime s.r.o., Company ID No. 17248779, with its registered office in Prague (hereinafter referred to as the “Controller”).

Controller’s contact details:

Address: Jaurisova 515/4, Michle (Prague 4), 140 00 Prague
Email: info@kvetinacenazakazku.cz
Phone: +420 775 784 900

Personal data means any information relating to an identified or identifiable natural person.

The Controller has not appointed a Data Protection Officer.

II. Sources and Categories of Processed Personal Data

The Controller processes personal data that you have provided via the contact form or within communication.

Processed data include:

  • Identification data (first name, last name)
  • Contact data (email, phone number)
  • Message content from the enquiry form
  • Data necessary for preparing an offer or fulfilling a contract

III. Legal Basis and Purpose of Processing Personal Data

The legal bases for processing are:

  • Performance of a contract or pre-contractual negotiations (Article 6(1)(b) GDPR)
  • Legitimate interest of the Controller (Article 6(1)(f) GDPR) – ensuring communication and website operation
  • Your consent in the case of marketing communications (Article 6(1)(a) GDPR)

Purposes of processing:

  • Handling your enquiry
  • Communication regarding service offers
  • Preparation of contractual documentation
  • Compliance with accounting and tax obligations

No automated decision-making is carried out by the Controller.

IV. Data Retention Period

The Controller retains personal data:

  • For the time necessary to handle the enquiry and related communication
  • For the duration of the contractual relationship
  • For the period required by legal obligations (e.g. accounting records for at least 5 years)
  • Data from the contact form for a maximum of 12 months if no cooperation is established

After these periods, the data are deleted.

V. Recipients of Personal Data

Recipients of personal data may include:

  • Hosting providers
  • Accountants
  • IT administrators

The Controller does not transfer personal data outside the EU.

VI. Your Rights

You have the right to:

  • Access your personal data (Article 15 GDPR)
  • Rectification (Article 16 GDPR)
  • Erasure (Article 17 GDPR)
  • Restriction of processing (Article 18 GDPR)
  • Object to processing (Article 21 GDPR)
  • Data portability (Article 20 GDPR)
  • Withdraw consent at any time

You may file a complaint with the supervisory authority (Data Protection Authority).

VII. Personal Data Security

The Controller has implemented technical and organisational measures to ensure the protection of personal data. Access is granted only to authorised persons.

VIII. Final Provisions

By submitting an enquiry, you confirm that you have read and understood these principles.

The Controller is entitled to update this document.

These principles come into effect on 2 December 2025.