top of page

Personal Data Processing Policy (GDPR)
 

1. Personal Data Controller

The personal data controller is the company Z STUDIO, spol. s r. o., with registered office at Průmyslová 1305, 763 02 Zlín-Malenovice, Company ID: 63490765 (hereinafter “controller”).
 

Contact

E-mail: zstudio@zstudio.cz

Telephone: +420 577 009 711

2. What data we process

We process the following personal data of customers:

  • name and surname

  • company name (if it concerns a legal entity)

  • e-mail address

  • telephone number

  • address (billing and possibly delivery)

  • data contained in orders and contracts

  • data required for invoicing and accounting.

 

3. Purpose of data processing

We process personal data for the purpose of:

  • processing orders and commissions

  • issuing invoices and fulfilling accounting obligations

  • communication

  • protecting the controller's rights (e.g. for handling complaints or debt recovery).

 

4. Legal basis for processing

We process personal data on the basis of:

performance of contract (Art. 6(1)(b) GDPR)

fulfilment of legal obligations (Art. 6(1)(c) GDPR)

legitimate interest of the controller, e.g. for the purposes of protecting rights (Art. 6(1)(f) GDPR)

possibly consent of the data subject, if required (e.g. for marketing)

5. Data retention period

We retain personal data:

  • for the duration of the contractual relationship and subsequently for the period stipulated by law (e.g. by the Accounting Act)

  • in case of legitimate interest – until it ceases

  • in case of consent – until its withdrawal

 

6. Transfer of data to third parties

  • Data may be transferred to:

  • accounting and tax adviser

  • IT providers (e.g. e-mail services, cloud storage, website administrator)

  • transport services (in case of order delivery)

  • in justified cases to state administration bodies

We do not transfer your data outside the EU.
 

7. Rights of the data subject

You have the right:

  • to access your personal data

  • to rectification or erasure of data

  • to restriction of processing

  • to object to processing

  • to lodge a complaint with the Office for Personal Data Protection​

 

8. Data security

We take care of technical and organisational measures that protect personal data against unauthorised access, loss or misuse.
 

9. Final provisions

This policy comes into effect on 3rd January 2026. The current version is available on request or at the company's registered office.

bottom of page