arrow-rightcalendarcloseeye-onfacebookhalf-starhandleinstagramlinkedinlockmenuminusplay-buttonplusrating-star-halfrating-starstarxyoutube
Contact

Personal Data Protection Policy

The purpose of this document is to provide information primarily to website visitors, users who have registered on the https://eliteways.com/ platform, and investors who have entered into a framework agreement (hereinafter collectively referred to as “Users”) with Eliteways corporation, s.r.o. ID No. 048 01 539, with its registered office at Rybná 716/24, Prague 1, 110 00 Staré Město, registered in the Commercial Register under file No. C 253559 kept by the Municipal Court in Prague (hereinafter referred to as the “Company”), information in particular about what personal data the Company processes, how and for what purpose it handles them, and what rights the User has in relation to the processed personal data. When processing personal data, the Company acts as a personal data controller.


1. Processing of personal data

The processing of personal data generally refers to the systematic handling of personal data, in particular the collection, recording, and storage of such data on data carriers, its adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, restriction, erasure, or destruction of personal data.

The Company is obliged to process Users’ personal data for the purpose of providing services to them. The processing of Users’ personal data is necessary for the conclusion of a contractual relationship, or for negotiations on its conclusion, for the fulfillment of contractual obligations, as well as for the purposes of unambiguous identification of a specific User.  

The Company processes the personal data of its Users both manually and in an electronic information system. Personal data is thus under constant physical, technical, and electronic control. The Company’s security mechanisms are set up to ensure the maximum possible protection of all data and personal data processed by the Company, in particular to prevent their misuse, damage, loss, or destruction. Only authorized Company employees who are bound by confidentiality agreements have access to the processed personal data of Users.

In specified cases, the Company will notify the User in the manner prescribed by law of the fact that there is a threat of a specific breach of personal data security that will result in a high risk to the rights and freedoms of the User.

1.1  Legal basis for processing personal data

The Company processes Users’ personal data with their consent. Without their consent, the Company processes personal data only in cases specified by law, where the consent of Users to the processing of their personal data is not necessary, or for the purpose of fulfilling obligations arising from a contractual relationship with the User, due to the legitimate interests of the Company, or for another legitimate purpose of processing.

1.2. Processing of personal data with the User’s consent

The User’s consent to the processing of their personal data is entirely voluntary. The User may grant the Company consent to process their personal data for the purposes specified directly in the consent.

If the User has given their consent on the consent bar, the Company uses the User’s telephone number and email address for the purposes of analytics, tracking, and advertising targeting, including through the use of (and linking of tools from) Google.

This is processing based on the User’s consent, i.e. based on Article 6(1)(a) of the GDPR. Consent is voluntary and can be revoked at any time, for example in the cookie bar settings. The Company processes this personal data for a maximum of 1 year from the date of consent, unless the User extends or withdraws their consent.



1.3. Processing of personal data without the User’s consent

In providing its services, the Company is obliged (both when entering into and during the term of the contractual relationship) to collect and process personal data about its Users as required by law. The Company is not required to obtain consent to process personal data for the purpose of providing services to Users. If a User refuses to provide the Company with their personal data, the Company’s services cannot be provided to them in accordance with legal requirements.

The Company is entitled to process Users’ personal data even without their consent, in particular for the purposes of:

  • performing identification and other obligations under Act No. 253/2008 Coll., on certain measures against the legalization of proceeds from crime, and fulfilling obligations arising from other legal regulations,
  • fulfilling obligations arising from a contract concluded with the User,
  • the legitimate interests of the Company,
  • protecting the rights and legally protected interests of the Company.

     

2.  Personal data processed

The Company processes the following data about Users, always in accordance with the purpose of personal data processing, i.e.:

  • Login details, i.e. email address and password, which is never stored in its open form (the password is stored in encrypted form using a one-way hash function). This data is processed for the authentication and authorization of the User’s activities on the Platform.
  • Data necessary for concluding a contract and providing services: Name, surname, permanent and other residence address, email, telephone number, ID number. This data is also used to identify the User when concluding a contract and for subsequent checks on their activities on the Platform.
  • Data necessary for sending commercial communications: email

For the purposes of providing services, the Company also stores and processes other data to the extent necessary for the provision of services, performance of the contract, and fulfillment of legal obligations.

The above-mentioned personal data of Users is used for the above-mentioned purposes or for purposes within the scope of the consent granted by the User.

 

3.  Sources of personal data

The Company only processes personal data provided by Users themselves during negotiations to enter into a contractual relationship and during the term of such relationship.


4.  Time limits  

The Company will process the User’s personal data for the duration of the provision of services and the performance of the contract. The Company is then obliged to store the Users’ personal data for the period specified by law. In the case of processing based on consent, the Company will process the data for the period for which the User has given consent to the processing of their personal data.

Once the time limits for the processing of personal data have expired, all Users’ personal data will be deleted from the Company’s systems.



5.  Accessibility

Users’ personal data may be made accessible to third parties without their consent, in particular:

  • in order to comply with legal obligations,
  • to other persons for the purpose of protecting the rights and legally protected interests of the Company,
  • to persons authorized by the Company to fulfill its contractual and legal obligations,
  • with the User’s consent, or on the basis of their order to transfer the data to other entities.

The Company intends to transfer personal data to a third country (outside the EU) or to international organizations. The recipients of personal data in third countries are providers of mailing, cloud, or promotional services. If the Company transfers personal data outside the EU to third countries or international organizations, their protection will be ensured in accordance with standard contractual clauses adopted in accordance with the mechanism set out in Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data – GDPR, or on the basis of a Commission decision on an adequate level of personal data protection.


6. User Rights Related to Personal Data Processing

6.1  Right of Access

The User is entitled to request information about whether and what personal data the Company processes about them and to access this personal data, to the extent specified by law. The Company will provide the User with the necessary cooperation without undue delay after their request is made.

6.2  Right to rectification

The User is also entitled to request an explanation from the Company if they believe that the Company or the processor is processing inaccurate personal data about the User. In this context, the User is also entitled to request the rectification/completion of their personal data.

6.3  Right to data portability

The User has the right to obtain from the Company personal data concerning him/her in a structured, commonly used, and machine-readable format, and the right to transfer this data to another controller (or to request that the Company transfer this data directly to another controller, if technically possible), without the Company preventing this, if the processing of their personal data by the Company is based on the User’s consent, on a contractual relationship with the Company, or if the processing is carried out automatically.

6.4  Right to object

The User has the right to object to the processing of their personal data. In response to the objection raised, the Company undertakes to inform the User of the reasons that entitle the Company to process their personal data. If the User objects to the processing of their personal data for direct marketing purposes, their personal data will no longer be processed for these purposes.

6.5  Right to restriction of processing

The User is entitled to request that the Company restrict the processing of their personal data if they dispute the accuracy of the personal data, if the processing is unlawful and the User refuses to have the personal data erased, if the Company no longer needs the User’s personal data for processing purposes but the User requires it for the establishment, exercise, or defense of legal claims, or if the User has objected to the processing of their personal data.

The restriction of the processing of the User’s personal data will last for the period specified by law. The Company will notify the User in advance that the restriction of processing will subsequently be lifted.

 

6.6 Withdrawal of consent to the processing of personal data

The User is entitled to withdraw their consent to the processing of personal data at any time.  

Upon withdrawal of consent, the Company will cease to process Users’ personal data for the purposes for which consent was previously granted. However, the Company is obliged to continue processing Users’ personal data for the purpose of fulfilling obligations imposed by legal regulations, such as Act No. 253/2008 Coll., on certain measures against the legalization of proceeds from crime and terrorist financing, Act No. 563/1991 Coll., on Accounting, etc., for the purpose of fulfilling obligations within the contractual relationship with the User, as well as for the purpose of determining, exercising, or defending any legal claims. Users’ personal data will continue to be processed only for the above reasons, for the period specified by law. The withdrawal of consent to the processing of personal data does not affect the lawfulness of the processing of such data that took place before the withdrawal of the previously given consent.

With the exception of cases specified by law where the processing of personal data does not require the User’s consent (see Article 6(1) of the GDPR), the Company processes Users’ personal data exclusively with their voluntary consent.

After termination of all contractual relationships with the Company, the User is entitled to revoke their consent to the processing of personal data and birth number for purposes not arising from legal regulations. If the User revokes their consent to the processing of their personal data, the Company will continue to store only those personal data of the User that are necessary for the Company to fulfill its obligations under legal regulations.

6.7 Right to erasure

The User is also entitled to request the destruction of their personal data if they believe that the Company is processing their personal data in violation of the protection of their private life or in violation of legal regulations. The User is also entitled to request the Company to delete their personal data if it is no longer necessary for the purposes for which it was processed, if it has been processed unlawfully, if the User revokes their previously given consent and there is no other legal reason for its processing, and also if the User objects to the processing of their personal data and there are no overriding legitimate reasons for processing.


7. Exercising User Rights

The User may exercise their rights by contacting the Company via the Platform, podpora@eliteways.com, by calling +420 608 578 898, or by sending a letter to the Company’s registered office at Rybná 716/24, Prague 1, 110 00 Staré Město.

The User will be informed by the Company about the processing of their request without undue delay, except in cases where this proves impossible or requires disproportionate effort. If the User’s requests are manifestly unfounded or excessive, in particular because they are repetitive, the Company may charge the User a fee taking into account the administrative costs associated with providing the requested information or communication or taking the requested actions, or refuse to comply with the requests.

The User is also entitled to refer their complaint to the supervisory authority, which is the Office for Personal Data Protection, with its registered office at Pplk. Sochora 27, 170 00 Prague 7, www.uoou.gov.cz.

© 2025 Eliteways. All rights reserved.