Privacy Policy
Last updated: April 8, 2026
1. Data Controller
The data controller is steezr s.r.o., Reg. No.: 22354883, VAT No.: CZ22354883, with registered address at K Rybníčkům 282/19, Praha 10, 100 00, Czech Republic (hereinafter "controller" or "we"). Contact email: privacy@steezr.com.
2. What Personal Data We Collect
- Full name
- Email address
- Phone number (optional)
- Billing details (address, Reg. No., VAT No.)
- Language preference
- Booking and payment data (lesson date, payment type)
3. Purpose and Legal Basis
| Purpose | Legal Basis |
|---|---|
| Creating and managing bookings | Contract (Art. 6/1b) |
| Processing payments via Stripe | Contract (Art. 6/1b) |
| Issuing invoices (Fakturoid) | Legal obligation (Art. 6/1c) |
| Sending email confirmations | Legitimate interest (Art. 6/1f) |
| Photos & videos from lessons for marketing | Consent (Art. 6/1a) |
4. Photos and Videos from Lessons
Photos and videos may be taken during lessons and used exclusively for marketing purposes and on the controller's social media channels (Instagram, Facebook, YouTube, TikTok, etc.). By attending the lesson and checking the consent box during booking, you consent to this use. You may withdraw consent at any time by emailing privacy@steezr.com — we will remove your footage from future publications where technically feasible.
5. Data Recipients
Your data may be shared with the following processors:
- Stripe, Inc. — payment processing
- Fakturoid s.r.o. — invoicing
- Amazon Web Services (SES) — email delivery
- Sentry — application error tracking
- Google (GTM, Analytics) — traffic analytics (only with consent)
Data is not transferred to third countries outside the EU/EEA, except through processors (Stripe, AWS) who ensure adequate safeguards under Art. 46 GDPR (standard contractual clauses).
6. Data Retention
- Booking and payment data: for the period required by law for tax records (min. 10 years).
- Contact data (name, email, phone): for the duration of the contractual relationship and 3 years after its termination.
- Photos and videos: until consent is withdrawn.
7. Your Rights
Under the GDPR, you have the right to:
- Access your personal data (Art. 15)
- Rectification of inaccurate data (Art. 16)
- Erasure of data (Art. 17)
- Restriction of processing (Art. 18)
- Data portability (Art. 20)
- Object to processing (Art. 21)
- Withdraw consent — at any time, without affecting the lawfulness of prior processing
You can exercise your rights by emailing privacy@steezr.com. You also have the right to lodge a complaint with the Czech Data Protection Authority (ÚOOÚ, www.uoou.cz).
8. Cookies
We use essential cookies for authentication (session cookie). Additionally, through Google Tag Manager (GTM), we use optional analytics and marketing cookies — these are only activated with your explicit consent via the cookie preferences banner.
- Essential cookies: session cookie for authentication. Cannot be disabled.
- Analytics cookies: help us understand how you use the site (e.g., Google Analytics). Require your consent.
- Marketing cookies: allow us to show relevant ads. Require your consent.
You can change your cookie consent at any time by clearing your browser data and revisiting the site.
9. Data Security
We implement technical and organizational measures to protect your data, including encrypted data transfer (HTTPS/TLS), secure storage of credentials, and regular software updates.