Privacy Policy
General Provisions
1.1. Introduction
We place particular emphasis on the protection of the personal data of visitors to our website, our clients, and other individuals who provide us with their personal data. These Privacy Policy (hereinafter referred to as the “Privacy Policy”) provide you with the necessary information about how we, Family Hub Nusle s.r.o., Company ID No. 03547957, with its registered office at Vlastislavova 152/4, 140 00 Prague 4, Czech Republic (hereinafter referred to as “FH”), collect, store, and further process your personal data in our capacity as a data controller in connection with the operation of our website https://www.familyhub.cz/ (hereinafter collectively referred to as the “Website”) and in connection with the provision of our services.
1.2. Use
This Privacy Policy explains and informs you about (i) how we collect and process your personal data, and (ii) what your rights are and how you can exercise them.
1.3. Familiarization
We recommend that you read this Privacy Policy carefully. By continuing to use our Website and by providing your personal data, you confirm that you have been informed about how your personal data are used as described in this Privacy Policy and in any relevant privacy notices.
1.4. Applicable Legislation
This Privacy Policy provides you with information required under Regulation (EU) No. 2016/679 of the European Parliament and of the Council of 27 April 2016 (the “GDPR”) and Act No. 110/2019 Coll., on the Processing of Personal Data.
2. Contact Details of the Controller
2.1. Contact Information
In connection with the processing of your personal data, you may contact us at Vlastislavova 152/4, Prague 4, or by email at: info@familyhub.cz.
3. Terms and Definitions
3.1. Cookies
A cookie file is a small data file (text file) that a website asks your browser to store on your device when you visit the website, in order to remember information about you, such as your language preferences or login details. The cookies we use may be divided into first-party cookies (technical cookies) which are necessary to provide you with website functionality, and third-party cookies—which come from a different domain (for advertising and marketing purposes). This also includes other technologies that work in a similar way. More information can be found in our Cookie Policy.
3.2. Personal Data
Any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, surname, date of birth, location data, or email address.
3.3. Authority for Social and Legal Protection of Children
An authority providing social and legal protection in accordance with the Act on Social and Legal Protection of Children.
3.4. Recipient
A person who receives personal data.
3.5. Consent
A freely given, specific, informed, and unambiguous indication of your wishes, by which you signify agreement to the processing of personal data relating to you, either by a statement or by a clear affirmative action.
3.6. Controller
A natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
3.7. Third Party
A natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
3.8. Purpose
The reason why the controller processes your personal data.
3.9. Act on Social and Legal Protection of Children
Act No. 359/1999 Coll., on Social and Legal Protection of Children.
3.10. Health Insurance Company
A health insurance company under Act No. 48/1997 Coll., on Public Health Insurance and on the Amendment and Supplementing of Certain Related Acts.
3.11. Processing of Personal Data
Any operation or set of operations which is performed on your personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
3.12. Processor
A natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.4. Processed Personal Data, Purposes, Methods, and Period of Processing
4.1. Scope of Processed Data
4.1.1. Sources of Personal Data
We obtain your personal data from various sources, especially directly from you or from our activities, namely:
when you visit the Website;
when you subscribe to our newsletter;
when you request support or our services; and
when you enter into a contractual relationship with us.
4.1.2. Collected Data
We only process such personal data that you or other persons authorized by you provide to us through the above-mentioned sources. We process, in particular, the following personal data:
Identification data: name, surname, date of birth, residence, marital status, information about children (name, surname, date of birth), job position, affiliation with an organization, identification data of a legal entity.
Contact data: email address, mailing address, phone number.
Payment and transaction data: account number and other bank account details, account holder’s name, payment details.
Information provided during counseling: any other information provided during counseling, documents obtained as part of the cooperation.
Health data: data indicating health status, especially current condition, allergies, past procedures, information on pregnancy, past illnesses, etc.
Sensitive data: special categories of personal data within the meaning of Article 9 GDPR, which include Health Data, data related to sexual life, and data on criminal offenses.
Data related to contract performance: data related to contract performance, data on mutual communication in connection with the sale of goods or services offered on the Website, data on complaints.
Data from cookies: upon accessing the Website or using it, we may use cookies and other tracking technologies to automatically collect the following information: device information (hardware model, operating system and version, unique device identifiers, mobile network information, device storage information), location information (IP address, time zone, mobile service provider information), usage data (including but not limited to: frequency of use, areas and features of our Website you visit, ways of using it in general, engagement with specific features).
4.1.3. Purpose, Grounds, and Retention Period of Processing
Personal data is processed for (a) specific purposes of individual projects described below, (b) general purposes of FH, and (c) purposes related to the operation of the FH Website.
4.1.3.1. Family Services and FamilyHub – Private Clients
Provision of counseling services in the field of family support to private clients. For the purpose of counseling services (legal counseling, psychotherapeutic counseling, The Bridge), we process your Identification Data, Contact Data, Information provided during counseling, and Data related to contract performance. The legal basis for this processing is the performance of the contract, and we process your personal data until the provision of services is completed. A recipient of your personal data may be a Health Insurance Company (in case of reimbursement of the price of services or part thereof by such Health Insurance Company). Regarding Health Data and other Sensitive Data, we also rely on the exceptions for explicit consent, either from the service recipient or, in the case of children under the age of 15, from their parents or legal guardians.
Provision of counseling services for children. For the purpose of providing tutoring and language development services, we process your Identification Data, Contact Data, Information provided during counseling, and Data related to contract performance. This data is processed both concerning the child and their legal guardians. The legal basis for this processing is the performance of the contract, and we process personal data until the provision of services is completed. The recipients of this personal data are the legal guardians of the child. Regarding Health Data and other Sensitive Data, we rely on the exceptions for explicit consent, either from the service recipient or, in the case of children under the age of 15, from their parents or legal guardians.
4.1.3.2. Family Services and FamilyHub – Referred Clients
Provision of counseling services in the field of family support to referred clients. For the purpose of providing counseling services to individuals referred through courts or other organizations, we process Identification Data, including the year of birth of the child, Contact Data, Information provided during counseling, and Data related to contract performance. The legal basis for this processing is the performance of the contract, and we process this personal data until the provision of services is completed and possibly also until information is handed over to the referring organization. The recipients of the personal data are the relevant referring organizations (typically courts), to the extent of name, surname, date of birth, number of meetings, parental involvement, parents’ approach to finding solutions, communication between parents, conclusion of any agreements, reasons preventing agreements from being reached, or information on the appropriateness of recommending further professional assistance. Regarding Health Data and other Sensitive Data, we rely on the exceptions for explicit consent.
Compliance with obligations under the Act on Social and Legal Protection of Children. In accordance with applicable law, we process Identification Data, including the year of birth of the child, Contact Data, Information provided during counseling, and Data related to contract performance, to fulfill the obligations of an authorized entity, in particular under Sections 48–50 of the Act on Social and Legal Protection of Children. The legal basis for processing personal data is therefore compliance with a legal obligation. Personal data are processed for the period stipulated by relevant legal regulations, and the recipients of personal data may also include Authorities for Social and Legal Protection of Children. Regarding Health Data and other Sensitive Data, these are processed based on exceptions related to fulfilling obligations and exercising rights in the field of social protection.
4.1.3.3. Common Purposes
Informing about news. If you subscribe to our newsletter, we use your Identification Data, if available, and Contact Data, especially your email, to inform you about new events within our organization and our projects, including via email. The legal basis for this processing is our legitimate interest in informing our clients about our new projects and events. Your personal data is processed for a period of 2 years from the termination of the provision of our services or submission of the request.
Online social and legal counseling. If you submit a query via our Website, we will process your Identification Data, Contact Data, and Information provided during counseling, including any Health Data and Sensitive Data, in order to respond to your query. The legal basis for this processing is your consent, and your personal data is processed until your query is answered.
Organizing seminars and courses. If you are interested in participating in seminars or courses, we will process your Identification Data (possibly also in relation to other participants), Contact Data, Payment and Transaction Data, and Data related to contract performance to enable your participation in such seminar or course. The legal basis for this processing is the performance of the contract, and we process your personal data until the seminar or course is completed and information is sent to the participants.
Internal records and protection of our rights. If we process or have processed your personal data for the purposes set out in this Privacy Policy, we will process your personal data obtained in accordance with this Privacy Policy for the purpose of ensuring our legitimate interests, specifically the protection of our rights and interests (i.e. legal claims), which include maintaining our internal records and monitoring the proper provision of our services. The legal basis for processing your data is our legitimate interest in maintaining internal records and protecting our rights. Regarding Health Data and other Sensitive Data, these are processed based on the exception for the establishment, exercise, or defense of legal claims. For this purpose, we process your personal data for a period of 10 years from the resolution of the request or termination of service provision. In the event of court, administrative, or other proceedings, we will process your personal data to the necessary extent for the entire duration of such proceedings due to the exercise or defense of our legal claims.
Statistical purposes and research. For the purpose of processing data for statistical and research purposes, we will process your personal data obtained in accordance with this Privacy Policy, excluding Sensitive Data and Health Data. The legal basis for processing your data is our legitimate interest in creating statistical and research analyses regarding the services provided. For this purpose, we process your personal data for a period of 10 years from their acquisition.
Compliance with our legal obligations. In accordance with applicable legislation, we process your Identification Data, Contact Data, Payment and Transaction Data, and Data related to contract performance for the purpose of fulfilling our legal obligations. This includes, for example, obligations in the field of tax and accounting, cooperation and information obligations towards the Police of the Czech Republic, authorities for social and legal protection of children, and others. The legal basis for processing your data is our legal obligation. For these purposes, we process your personal data for the period stipulated by relevant legal regulations, and the recipients of your personal data may also be public authorities.
4.1.3.4. Purposes of Processing for the Website
Operation of the Website and its security (functional cookies). We process your Data from cookies that are necessary for the operation of the Website, including its display, functionality, and ensuring your security. For this purpose, we identify you as a visitor during browsing or when you repeatedly log in to the Website. The legal basis for this processing is our legitimate interest in the proper functionality and operation of our Website. We generally retain your personal data for up to 2 years from your visit to our Website.
Promotion and marketing on our Website (marketing cookies). We process your Data from cookies that are necessary for targeting and displaying our advertisements (marketing cookies), whereby your data may also be transferred to third parties. For this purpose, we promote products and services on the Website and display marketing messages related to products and services in which you have expressed interest, and we promote our brand through online promotion, whereby your data may also be transferred to third parties. The legal basis for this processing is your consent granted via the Cookie side panel. We retain your data for the duration of your consent, but in any case, for no longer than 2 years from receiving your consent.
Analysis of Website traffic (analytical cookies). We also process your Data from cookies that are necessary for analyzing traffic on our Website (analytical cookies). For this purpose, we monitor the traffic to our Website, optimize it, ensure the security of your data, and increase its smoothness and user-friendliness, whereby your data may also be transferred to third parties. We process your data based on your consent granted via the Cookie side panel. We retain your data for the validity period of your consent, but in any case, for no longer than 2 years from receiving your consent.
4.2. Cookies
4.2.1.
When using our Website, we may process your personal data (Data from cookies) through cookies and other tracking technologies. Cookies are small text files stored in your web browser that enable us or third parties to recognize you. Cookies may be used to collect, store, and share parts of information about your activities across various websites, including our Website. The same applies to other similar technologies used for this purpose.
4.2.2.
We use the following cookies:
Technical cookies, which are necessary to ensure the proper functioning of the website;
Third-party cookies – tracking cookies, analytical/targeting cookies.
4.2.3.
You can set your browser to allow or reject all or only certain cookies. Refusing cookies may negatively affect the functionality of websites, including the Website. You can change your cookie preferences at any time or delete them from your electronic device at any time. Detailed information about cookies is provided on the websites of the respective web browser providers. Read more information in our Cookie Policy.
4.3. Methods of Data Processing
We process your personal data to the extent and for the purposes described above in an automated manner, which also includes the use of statistical methods. In some cases, we may also process your personal data manually.
4.4. Data on Children
We do not knowingly collect or require personal data from individuals under the age of 16, except for those participating in the provision of services together with their legal guardians.
4.5. Consequences of Not Providing Data
Providing your personal data is a necessary requirement for concluding a contract for the provision of our services, including ensuring the functioning of the Website. If you do not provide such data, we would not be able to provide you with our services or display the Website.
5. Transfer of Personal Data to Third Parties and Recipients of Personal Data
5.1. Data Transfers
We are entitled to transfer personal data that we collect in the ways described above to third parties that provide certain services related to the provision of our services. At the same time, in some cases, we are obliged to transfer personal data to public authorities. These entities act as processors or controllers of your personal data.
5.2. Recipients
The personal data collected may be shared in particular with the following recipients:
our IT systems suppliers, who in certain cases may have access to your personal data and act as data processors;
providers of analytical and marketing services, who act as data controllers or processors;
our external legal service providers who are necessary for the enforcement of our claims and for the protection of our legal rights and act as processors or controllers of data;
public authorities, especially in the area of social and legal protection of children, tax, and accounting;
providers of services utilized and other recipients as per your requests; and
other recipients listed for the specific purpose of personal data processing above.
5.3. Adequate Level of Security
We guarantee that we have concluded personal data processing agreements with processors who ensure the same level of security of your personal data as described in this Privacy Policy. We also strive to ensure that all controllers with whom we share any personal data provide adequate security for the processed personal data. In cases where personal data are transferred outside the European Economic Area, we ensure that an adequate level of protection for such transferred personal data is provided in accordance with the GDPR.
5.4. Confidentiality and Exceptions
We, including processors and controllers, are obliged to maintain the confidentiality of all personal data. An exception to this is the obligation to disclose personal data to designated public authorities and other entities that are legally authorized to request personal data (e.g. the Police of the Czech Republic, the Financial Office, etc.).
6. Security of Your Personal Data
6.1. Security Measures and Policies
We have implemented the necessary technical and organizational measures of internal control and information security processes in our system, which correspond to best practices and are in line with the potential risk. We also consider future technological developments to protect your personal data from unauthorized disclosure, access, or loss. These measures include, among other things, staff training in personal data protection, regular data backups, data recovery procedures, mechanisms for accountability for breaches of protected data, and software and hardware protection.
7. Your Rights
7.1. Information Provided
If you exercise a right under this Article 7 of the Privacy Policy or in accordance with any other applicable legal regulation, we will inform each recipient who processes your personal data about the measures taken regarding your personal data if such notification to the recipient is possible and/or does not require disproportionate effort.
7.2. Exercise of Rights
If you wish to exercise your rights or obtain relevant information, please contact us via any of our contact details. When you contact us, we must ask you to provide your identification data or other personal data that you have previously provided to us. Providing this information is necessary to verify that you are indeed the person who submitted the request. We will respond to you no later than one month from receipt of such a request, and we reserve the right to extend this period by two months.
7.3. Your Rights
In accordance with applicable legal regulations, you may request access to the personal data we process, the right to rectification, erasure, or portability, the right to lodge a complaint, the right to request restriction of processing, and the right to object to processing. You may withdraw your consent to the processing of personal data at any time.
7.4. Rectification of Your Personal Data
In accordance with the GDPR, you have the right to rectify inaccurate or incomplete personal data that we process about you. If you wish to have your personal data corrected, you can contact us via any of our contact details. We take steps to ensure that your personal data is kept up to date and accurate. You can contact us at any time if we continue to process your personal data.
7.5. Erasure of Your Personal Data
You may request the deletion of your personal data from us at any time. After you contact us with such a request, and if one of the grounds for erasure applies, we will delete the relevant personal data from our databases without undue delay unless we process some of your personal data due to our legal obligation or for the establishment, exercise, or defense of our legal claims.
7.6. Withdrawal of Consent to Personal Data Processing
You may withdraw your consent to the processing of personal data that you have given us at any time without giving any reason. If you wish to withdraw your consent, please let us know via any of our contact details. Please note that the withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
7.7. Access to Your Personal Data and Portability
You have the right to obtain information about the processing of your personal data and a copy of the personal data we process about you. If you request it, we can transfer all or part of the personal data you have provided to us (processed by automated means on the basis of a contract or consent) directly to a third party (another data controller) that you specify in your request for the transfer of personal data, provided that such request does not adversely affect the rights and freedoms of others and is technically feasible.
7.8. Restriction of Processing
If you submit a request for restriction of the processing of your personal data, especially in cases where you have doubts about the accuracy, lawfulness, or our need to process your personal data, we will assess your request and may restrict the processing of your personal data to the minimum necessary (processing for assessment, exercise, or defense of our legal claims or to protect the rights of another natural or legal person or for other reasons). However, if we lift the restriction on processing and continue processing your personal data, we will inform you without undue delay.
7.9. Objection to Processing
You have the right to object at any time to the processing of your personal data on grounds relating to your particular situation if such processing is based on our legitimate interest. We will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing or if such processing relates to direct marketing.
7.10. Complaint to the Office for Personal Data Protection
You have the right to lodge a complaint regarding our processing of personal data with the Office for Personal Data Protection, with its seat at Pplk. Sochora 27, 170 00 Prague 7, Czech Republic, website: https://www.uoou.cz/.
8. Updates to this Privacy Policy
8.1. Version and Updates
This Privacy Policy is effective as of 16 September 2024. We continuously update the Privacy Policy. Any changes to this Privacy Policy are effective once published on the Website.
9. Questions and Comments
9.1.
If you have any comments or questions regarding any part of this Privacy Policy, if you need assistance, or if you have any claims, please contact us at info@familyhub.cz.