Rules of protection of personal data

We hereby request the users of the website www.educationforinvestors.com (hereinafter referred to as the “user” or “users”) to carefully familiarize themselves with the following provisions and conditions related to the processing of personal data of users and their protection. The purpose of this document is to inform users about the reasons, scope, purpose and method of processing and providing users’ personal data, as well as about their right to access and correct this data.

 

General information
1.1. Information about the administrator

1.1.1. The administrator of users’ personal data is FADCO PROJECT MANAGEMENT L.L.C registered in the commercial register maintained by the Municipal Court in Dubai,  (hereinafter referred to as the “Company “).

1.1.2. In case of any questions regarding the processing of personal data, the user can contact the Company at the email address info@educationforinvestors.com, at the address of the Company’s premises, or in writing at the address of the headquarters listed above.

1.2. Supervisory authorities

The Office for the Protection of Personal Data, based in Prague, is the supervisory body of the Company in the field of personal data protection.

1.3. Information on data subjects

These Personal Data Protection Rules apply to (1) persons who fill out the contact form on the www.educationforinvestors.comwebsite and (2) users of the www.educationforinvestors.com website and applications (hereinafter referred to collectively as “users”).

Concept and principles of processing personal data of users
2.1. The processing of the user’s personal data means any operation or set of operations that the Company or an authorized third party systematically carries out with the user’s personal data or their files; it mainly concerns the collection of personal data, storage on information carriers, making available, modification or alteration, search, use, transfer, dissemination, publication, storage, exchange, sorting or combining, blocking and disposal of personal data of users.

2.2. When processing users’ personal data, the company respects and honors the highest standards of personal data protection to the greatest extent possible, while observing the following principles in particular:

(a) personal data of users are processed in accordance with the relevant legal regulations (in particular in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons in connection with the processing of personal data (hereinafter referred to as ” regulation” or “GDPR”), correctly and transparently;

(b) when processing users’ personal data, the Company fully respects and takes care to protect their rights;

(c) personal data of users are always processed for a clearly and comprehensibly determined purpose, by determined means and in a determined manner;

(d) only those personal data of users are collected, the processing of which corresponds to the specified purposes (it is reasonable, relevant and necessary for the fulfillment of these purposes);

(e) personal data of users is kept by the Company only for the period that is necessary due to the purposes of their processing;

(f) The company processes only accurate and up-to-date personal data of users. If it finds that the processed personal data of users is not accurate or updated, it will take reasonable measures without undue delay, in particular it will ensure that inaccurate or incomplete personal data of users are corrected or deleted;

(g) The company has taken appropriate technical and organizational measures with the aim of ensuring proper security of personal data, their highest possible security and preventing any accidental or illegal violations of their security, in particular unauthorized or illegal provision or disclosure of personal data of users, their alteration, destruction or loss , unauthorized transmissions, their other unauthorized processing, as well as other misuse of personal data. In order to ensure adequate security and confidentiality of personal data, the Company applies the following security measures: encryption of transmitted data; reinforced network infrastructure.

Sources of users’ personal data
3.1. Personal data of users The company obtains mainly from the users themselves when filling out the contact form and also in connection with participation in webinars or individual training or e.g. as part of communication with the Company, contacting the Company with an objection, question or request for information. In addition, the Company also obtains personal data of users from its own activities, by processing already provided personal data of users.

Category of processed personal data
4.1. Personal data of users are processed to the extent necessary to fulfill the processing purposes.

4.2. The company processes the following categories

 

personal data:

a) identification data, which means first and last name in particular;
b) contact data, which means personal data that enable the Company to contact the user, namely e-mail address, telephone number;
c) data on participation in webinars or individual trainings, which are in particular data on the type of training, date and place of participation in the training;
d) data about the user’s behavior on the website, in particular the services that the user views, the links that he clicks on, the way of moving around the website and scrolling the screen, as well as data about the device from which the website is viewed, such as the IP address and the location derived from it , identification of the device, its technical parameters such as the operating system and its version, screen resolution, browser used and its version, as well as data obtained from cookies and similar technologies for device identification (for more information about cookies and their use, see the document Policy for the use of files cookies);
e) data on the user’s behavior when reading the messages sent by the Company, in particular the opening times of the messages and also data on the device on which the messages are read, such as the IP address and the location derived from it, the identification of the device, its technical parameters such as the operating system and its version, screen resolution, used browser and its version;
f) derived data, which means personal data derived from the user’s settings, data about the services he requests from the Company; in particular, this concerns data about the user’s gender, age, financial situation, relationship to various goods and services;
g) data related to interactions with the Company, which are in particular the identification and content of email messages and other correspondence sent by the Company’s user, incl. identifiers such as IP addresses, date and time of sending.

Purposes of processing users’ personal data
4.1. The company processes users’ personal data for various purposes. Depending on the purpose of the processing, in some cases the user’s consent (which can be revoked at any time) is not required for the processing of his personal data. The processing of personal data of users without the need to obtain the consent of the users takes place in most cases of processing, based on the fulfillment of a contract, the legitimate interest of the Company or the fulfillment of a legal obligation.

4.2. The company processes users’ personal data primarily in connection with the provision of services; and therefore for the purpose

a) fulfillment of the contract with the user, negotiations on contract changes, service provision and/or implementation of measures before its conclusion
but also for other purposes, namely:

b) fulfillment of legal obligations, e.g. archiving obligations, accounting and tax purposes, provision of information to law enforcement authorities, or other public authorities
c) improving the quality of user care
d) providing information to users and offering other products and services.
4.3. The company has been processing personal data since the start of negotiations on the provision of the service with a potential user who expressed an interest in the provision of the service. The company processes personal data for the purposes of implementing the requested service. These personal data are processed for the duration of the contractual relationship with the user and subsequently until the statute of limitations for possible claims arising from this contractual relationship, unless another legal regulation stipulates a longer period. In the event that a contract is not concluded or a service is not provided, personal data is processed in the internal system for max. for a period of 4 years, then they are archived until the statute of limitations for all possible claims arising from negotiations and activities related to negotiations on concluding a contract and/or providing a service, unless another legal regulation stipulates a longer period. In this case, the processing of personal data of users is necessary in order to be able to conclude a contract, change it, fulfill or comply with another request of the user. Without the provision and processing of the user’s personal data, the user’s request cannot be granted or the contract concluded, changed or fulfilled. Personal data is processed in this case without the user’s consent based on the law.

4.4. The user’s consent to the processing of personal data is also not necessary if the legal reason for the processing is the legitimate interests of the Company. These legitimate interests mainly consist of processing carried out for the purpose of:

(a) direct marketing (i.e. for the purpose of offering products and services, either in writing, electronically or by phone, as well as sending commercial messages and newsletters, carried out only to a limited extent);

(b) evaluation of the Company’s activities and improvement of user care (i.e. implementation of evaluations, researches, analyses, statistical processing, evaluation of the communication of the Company and its users);

(c) exercising the rights and enforcing the Company’s claims against users;

(d) enforcement of the Company’s rights against users in court and other proceedings and fulfillment of obligations imposed on users in such proceedings

(e) increasing the security of the Company’s network and information systems.

4.4. The user’s consent is the legal basis for the processing of personal data for the purposes listed below, primarily:

(a) advertising and marketing, i.e. Mr

objections to the sale of products and services offered by the Company (this mainly concerns the dissemination of information, the offering of the Company’s products and services), which is carried out more often or requires the processing of users’ personal data to a wider extent than the processing carried out for the legitimate interests of the Company, in particular by mail, electronic means or by phone; this processing of users’ personal data also includes sorting and categorizing the user’s personal data in the form of profiling);

(b) use of the so-called cookies and information about visits to the Company’s website.

Processing time of users’ personal data
6.1. Personal data of users are processed only for the time that is necessary due to the purposes of their processing. For this purpose, the company continuously assesses whether there is still a need to process certain personal data and, in relation to certain purposes of processing personal data, the period during which the data is usually usable has been evaluated. Information regarding the period of personal data processing, as well as the purposes of the processing and the legal basis for the processing are given in the table below.

Identification and contact data
Why (purpose)

Based on what (legal reason)

How long (retention period)

►obtaining information for improving services in the future, especially determining satisfaction with the Company’s services; the legitimate interest here is the improvement of the Company’s services

►by providing tailored offers and targeted advertising, which the Company can send by e-mail, text message, using social networks, communicate them by phone or other electronic means, or display on the Company’s website; the legitimate interest here is the effective promotion of the Company’s products and services

►adapting the functions of the Company’s website to the needs of users, based on a legitimate interest, which consists in improving and adapting the Company’s services to users; for this purpose, the Company also processes the users’ IP address and the location derived from it

Legitimate interest of the Company

Personal data are used for these purposes for a maximum of 6 months.

The user has the right to object to this processing carried out on the basis of the legitimate interest of the Company.

►protection of legal claims

►internal records and controls

The legitimate interests of the Company here are the protection of legal claims and control of the proper provision of services.

Legitimate interest of the Company

For these purposes, personal data are processed for the duration of the limitation period of 3 years and one year after its expiration with regard to the claims made at the end of the limitation period. In the event of initiation of judicial, administrative or other proceedings, the Company processes the user’s personal data to the extent necessary for the entire duration of such proceedings and the remaining part of the limitation period after its termination. The user has the right to object to this processing carried out on the basis of a legitimate interest.

►observance of the following laws in particular:

Act No. 89/2012 Coll., Civil Code,

Act No. 634/1992 Coll., on consumer protection,

Act No. 235/2004 Coll., on value added tax,

Act No. 563/1991 Coll., on accounting.

Fulfillment of legal obligations

Personal data are used for these purposes for a maximum of 10 years after participation in the last training.

►for the purpose of preparing, concluding and fulfilling a contract with the user. Fulfillment of this contract is also a legitimate interest of the Company

Legitimate interest

Personal data are used for these purposes for the time necessary to ensure the user’s participation in the training.

Data about the user’s behavior on the website and Derived data
Why (purpose)

Based on what (legal reason)

How long (retention period)

► obtaining information for improving services in the future, especially determining satisfaction with the Company’s services; the legitimate interest here is the improvement of the Company’s services

►creation of statistics and overviews, especially monitoring of website traffic, its individual pages and measurement of advertising effectiveness; the legitimate interest here is to measure the effectiveness of the website and advertising expenses; for this purpose, the Company may obtain additional derived data from the behavior of users on the website and use them for this purpose, or may transfer pseudonymized data to its partners for settlement of commissions, etc.;

►testing of new functions and applications before deployment, in particular; the legitimate interest here is the trouble-free functionality of the Company’s services for users;

►preventing attacks on the Company’s website and jeopardizing its functionality and user data security; the legitimate interest here is the trouble-free functionality of the Company’s services for users and the security of user data.

►by providing tailored offers and targeted advertising, which the Company can send by e-mail, text message, using social networks, communicate them by phone or other electronic means, or display on the Company’s website; the legitimate interest here is the effective promotion of the Company’s products and services.

Legitimate interest of the Company

Personal data are used for these purposes for a maximum of 38 months, during which time the data is kept only in pseudonymized form. The user has the right to object to this processing

to.

►creating customized offers and targeted advertisements displayed on the web. The legitimate interest here is a maximally personalized and effective offer for users. From the data for this purpose, derived data are obtained by means of analysis.

Legitimate interest of the Company

Personal data are used for these purposes for a period of 1 month.

Data on participation in webinars or individual trainings
Why (purpose)

Based on what (legal reason)

How long (retention period)

►obtaining information for improving services in the future, especially determining satisfaction with the Company’s services; the legitimate interest here is to improve the services of the Company a

►by providing tailored offers and targeted advertising, which the Company can send by e-mail, text message, using social networks, communicate them by phone or other electronic means, or display on the Company’s website; the legitimate interest here is the effective promotion of the Company’s products and services.

►adapting the functions of the Company’s website to the needs of users, based on a legitimate interest, which consists in improving and adapting the Company’s services to users; for this purpose, the Company also processes the users’ IP address and the location derived from it

Legitimate interest of the Company

Personal data are used for these purposes for a maximum of 6 months.

The user has the right to object to this processing carried out on the basis of the legitimate interest of the Company.

►participation in training;

►in connection with service complaints;

►in connection with other user requests, their processing and records.

Legitimate interest of the Company

Personal data are used for these purposes for the time necessary to ensure participation in the training, or settlement of a contractual request, such as a complaint.

►protection of legal claims

►internal records and controls

The legitimate interests of the Company here are the protection of legal claims and control of the proper provision of services.

Legitimate interest

For these purposes, personal data are processed for the duration of the limitation period of 3 years and one year after its expiration with regard to the claims made at the end of the limitation period. In the event of initiation of judicial, administrative or other proceedings, the Company processes the user’s personal data to the extent necessary for the entire duration of such proceedings and the remaining part of the limitation period after its termination. You have the right to object to this processing carried out on the basis of a legitimate interest.

►observance of the following laws in particular:

Act No. 89/2012 Coll., Civil Code,

Act No. 634/1992 Coll., on consumer protection,

Act No. 235/2004 Coll., on value added tax,

Act No. 563/1991 Coll., on accounting.

Fulfillment of legal obligations

Personal data are used for these purposes for a maximum of 10 years after participation in the last training.

User data on behavior when reading messages sent by the Company
Why (purpose)

Based on what (legal reason)

How long (retention period)

►obtaining information for improving services in the future, especially determining satisfaction with the Company’s services; the legitimate interest here is the improvement of the Company’s services

► provision of tailored offers and targeted advertising, which the Company can send by e-mail, text message, using social networks, communicate them by phone or other electronic means, or display on the Company’s website; the legitimate interest here is the effective promotion of the Company’s products and services.

Legitimate interest of the Company

Personal data are used for these purposes for a maximum of 6 months.

The user has the right to object to this processing carried out on the basis of the legitimate interest of the Company.

Method of processing users’ personal data
7.1. General information

7.1.1. The company processes personal data of users in a way that ensures the highest possible security of this data and that prevents any unauthorized, illegal or accidental access to personal data of users, their change, destruction or loss, unauthorized transfers, their other unauthorized processing, as well as other misuse personal data.

7.1.2. The way in which users’ personal data is processed includes manual processing as well as automated processing in the Company’s information systems or in physical form. As part of the automated processing in these systems and during the manual processing of users’ personal data, appropriate technical and organizational measures are used to ensure the protection of users’ personal data.

7.2. Automated decision making and profiling

7.2.1. In the processing of personal data by the Company, there is no decision-making based solely on automated processing that would have legal effects or otherwise significantly affect the data subjects whose personal data the Company processes according to these rules.

7.2.2. The company does not profile users’ personal data.

Transfer of personal data of users
8.1. General information

8.1.1. Personal data of users are processed primarily by the Company’s own employees, and are also used by third parties

persons (business partners of the Company).

8.1.2. All persons who come into contact with the personal data of users are obliged to observe the confidentiality of information obtained in connection with the processing of such data.

8.1.3 Users’ personal data is usually processed in the territory of the Czech Republic, or in the territory of other European Union states. Personal data of users is not transferred to other countries outside the European Union.

8.2. Transfer of personal data to business partners

8.2.1. In connection with the fulfillment of the contract and processing of the order, personal data of users may be transferred to the Company’s business partners, in particular the following categories of business partners: providers of IT services, legal services, providers of advertising services (e.g. marketing agencies, call centers, etc.), business partners participating in the organization of training, etc.

8.2.2. Specifically, personal data is provided:

a) partners providing system management, order administration, website management, namely the company CREOS s.r.o., IČO: 29113229, registered office: Dvořákova 14, 602 00 Brno; the privacy protection conditions of this company are available here: http://www.creos.cz/
b) on the basis of the user’s consent to advertising and social networks who are in the role of administrator, namely:
Google Ireland Limited (registration number: 368047), with registered office at Gordon House, Barrow Street, Dublin 4, Ireland; this company’s privacy policy is available here: https://policies.google.com/technologies/ads

Facebook Ireland Limited, with registered office at 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, D02 X525, Ireland; the privacy protection conditions of this company are available here: https://cs-cz.facebook.com/about/privacy

Seznam.cz, a.s., IČO 26168685, with registered office Radlická 3294/10, Smíchov, 150 00 Prague 5, the privacy protection conditions of this company are available here: https://o.seznam.cz/ochrana-udaju/.

User rights in connection with the processing of personal data
Users have a number of rights in connection with the processing of their personal data:

9.1.1. The right to access personal data: The User has the right to ask the Company for confirmation as to whether or not his personal data is being processed by the Company, and if so, he has the right to obtain access to this personal data and to the specified information. As part of the right of access upon request, the Company will provide the user with a copy of the processed personal data free of charge.

9.1.2. The right to erasure (also referred to as the “right to be forgotten”): This right allows the user to ask the Company to delete his personal data without undue delay, if any of the reasons established by law are given. In particular, if the user revokes the granted consent to the processing of personal data, the purpose of the processing of personal data has expired, or the user raises an objection to the processing of personal data and there are no overriding legitimate reasons for the processing, the personal data is processed illegally, the reason for erasure is also the fulfillment of obligations under the law, a special regulation or international agreement to which the Czech Republic is bound. However, this right is not absolute, in certain cases the Company is neither obliged nor entitled to comply with this request, especially when the processing of personal data is necessary for the Company to fulfill its legal obligations or to determine, exercise or defend the Company’s legal claims.

9.1.3. Right to restriction of processing: The User has the right to request that the Company restrict the processing of his personal data if this is in accordance with one of the reasons established by law. For example due to the inaccuracy of the processed personal data or the illegality of their processing, or if the Company as administrator no longer needs the personal data for the purposes of processing, but the user requires them for the determination, exercise or defense of legal claims

9.1.4. Right to data portability: In the event that personal data has been provided by the user and this data is processed on the basis of the user’s consent or for the purpose of fulfilling a contract and the processing is carried out automatically, the user has the right to obtain this personal data from the Company in a structured, commonly used and machine readable format and pass them on to another administrator. The user can also ask the Company to transfer his personal data directly to another administrator.

9.1.5. Right to rectification: In the event that the Company processes inaccurate or incomplete personal data of the user, the user has the right to have them rectified and/or completed without undue delay.

9.1.6. The right to withdraw consent to the processing of personal data: The granting of consent to the processing of personal data by the user is voluntary. If the user gives consent to the Company, he can revoke it at any time without giving a reason in one of the following ways:

(i) by e-mail sent to the address info@skolainvestora,

(ii) by sending in writing to the address of the Company’s place of business or headquarters.

The revocation of consent by the user has effects primarily for the future, it does not affect the legality of personal data processing before its revocation. If the user revokes the consent

or does not provide, a situation may arise that the Company will not be able to provide some services, or that it will be forced to modify them in a justified way. If in such a case the user withdraws his consent, the Company will stop processing the relevant personal data for the purposes requiring the relevant consent, but it may be entitled, or even obliged, to continue processing the same personal data for other purposes.

9.1.7. The right to object: If the user’s personal data is processed for the purposes of the legitimate interests of the Company, the user is entitled to object to such processing. In such a case, the Company must prove the legitimate interests of such processing, otherwise it will terminate the processing of personal data. In the case of activities related to direct marketing, the Company will immediately terminate such processing of the user’s personal data and they will no longer be processed for this purpose.

9.1.8. The right not to be the subject of automated individual decision-making: The user has the right not to be the subject of a decision based solely on automated processing, including profiling, if these profiling procedures have legal effects for him or significantly affect him in a similar way. However, this does not apply if such processing of personal data is necessary for the conclusion of a contract, the performance of a contract between the user and the Company, or if the processing was carried out in accordance with a special regulation or an international treaty to which the Czech Republic is bound, or if the user gave explicit consent to this processing.

9.1.8. The right to file a complaint: The user can file a complaint with the supervisory authority if he believes that the processing of his personal data violates the relevant legal regulations. The supervisory authority is the Office for the Protection of Personal Data, www.uoou.cz, with headquarters in Pplk. Sochora 27, 170 00 Prague 7.

9.1.9. The above-mentioned rights, as well as complaints, can be exercised by users in writing with an officially verified signature at the address of the Company’s registered office or place of business or by e-mail to info@skolainvestora.cz. Persons who are not users cannot exercise the right to correction, restriction of processing and the right to object to processing, for the reason that their data is not processed in any way, serves only for archiving purposes and is automatically deleted after the expiration of the statutory period for archiving . The company informs the user about the processing of his complaint or request no later than one month from the delivery of the request. In some cases, this period may be extended, the user will be informed about this. If it is not possible to comply with the user’s request, the Company will inform him of this fact and its reasons, and instruct the user about his other rights (the right to file a complaint and to court protection).

9.2. The company is entitled to change these Rules. Changes to these Rules become effective upon publication of their updated version on the website. If the user continues to use the website after the updates have been made, it will be understood as his consent to the updated version of the Rules.

Interface with third-party websites and services
The Company’s websites and applications may contain links, references and content from other websites and services over which the Company has no control. The Company points out that it has no control over such websites and services and that the Privacy Policy and the use of cookies do not apply to them.

The Company is not responsible for any problems arising in connection with the use of user data and encourages users to always familiarize themselves with the privacy and cookie policies and terms of use of each website and service they visit or use through a link or linked interfaces.

These principles are valid and effective from June 1, 2022.