Privacy
1) Who we are
Data Controller: Athlos Performance s.r.o.
ID: 23157780
Address: Na Přervalině 1813, 739 34 Šenov
E-mail: [email protected]
Definition: If "we" or "Controller" is mentioned in these Policies, it refers to Athlos Performance s.r.o. If "you" is mentioned, it refers to the natural person (data subject) whose personal data we process. Personal data is any information about an identified or identifiable natural person, primarily name, surname, e-mail, IP address, etc.
This website serves as a presentation of the Athlos Performance project and for communication with users and business partners. We do not use cookies or third-party analytics or marketing tools.
2) What data we process and why
a) Server logs
During a regular website visit, our hosting provider DigitalOcean, LLC automatically stores technical data:
- Visitor's IP address
- Browser type and version (User-Agent)
- Request date and time (timestamp)
- Request URL and status code
Purpose: ensuring operation, security, maintenance and technical stability of the website.
Legal basis: legitimate interest of the controller (Art. 6(1)(f) GDPR).
Retention period: logs are kept for 30 days and then automatically deleted.
b) Contact form
When submitting a message via the form, we process mainly your:
- Name
- Message (your text)
Providing this information is necessary to respond to your request.
Purpose: handling the inquiry, sending an offer of our services or ensuring effective necessary communication with users.
Legal basis: Art. 6(1)(b) GDPR (pre-contractual negotiations) and Art. 6(1)(f) GDPR (legitimate interest).
Retention period: up to 6 months from the last communication, or for the period necessary to settle any rights, obligations and claims arising from the communication.
3) Who has access to the data
- Hosting provider: DigitalOcean, LLC
- Website administrator and authorized persons of Athlos Performance
- Public authorities – only if required by law
We never sell or provide data to marketing networks. We may make it available to third parties (e.g. processors, IT support) based on a contract to the necessary extent, in accordance with Article 28 GDPR. Personal data may be made available to public authorities if required by law or to protect the Controller's rights.
4) Where the data is processed
The website is hosted on DigitalOcean infrastructure in an EU/EEA data center (e.g., Frankfurt or Amsterdam). Any transfers outside the EU are based on Standard Contractual Clauses (SCC).
5) Your rights
You have the following rights in connection with the processing of personal data:
- Right of access to personal data according to Art. 15 GDPR: You have the right to obtain confirmation as to whether your personal data is being processed, and if so, you have the right to access this personal data and information about the purpose of processing, categories of personal data, recipients, retention period, the right to rectification, erasure, restriction of processing and the right to lodge a complaint.
- Right to rectification according to Art. 16 GDPR: You have the right to rectification of inaccurate personal data and to the completion of incomplete personal data.
- Right to erasure ("right to be forgotten") according to Art. 17 GDPR: You have the right to erasure of personal data if at least one of the conditions set out in Art. 17 GDPR is met, e.g. personal data is no longer necessary for the purposes for which it was collected, you withdraw consent to processing, personal data was processed unlawfully.
- Right to restriction of processing according to Art. 18 GDPR: You have the right to restriction of processing of personal data if at least one of the conditions set out in Art. 18 GDPR is met, e.g. you contest the accuracy of the personal data, the processing is unlawful and you request restriction of processing instead of erasure.
- Right to object to processing according to Art. 21 GDPR: You have the right to object to the processing of personal data on the basis of the legitimate interest of the controller, including profiling, on grounds relating to your particular situation.
- Right to data portability according to Art. 20 GDPR: You have the right to obtain the personal data you have provided to us in a structured, commonly used and machine-readable format, and the right to transmit that data to another controller, where the processing is based on consent or on a contract and is carried out by automated means.
- Right to lodge a complaint with the Office for Personal Data Protection (ÚOOÚ): You have the right to lodge a complaint with the supervisory authority, which is the Office for Personal Data Protection, at Pplk. Sochora 27, 170 00 Prague 7; e-mail: [email protected]; www.uoou.cz; tel.: +420 234 665 111, if you believe that your right to personal data protection has been violated.
To exercise your rights or if you have any questions, please contact us at [email protected].
6) Security
We use HTTPS/TLS encryption, firewall, restricted access to logs, regular system updates and other technical and organizational measures to protect personal data from unauthorized access, loss or misuse.
7) Document changes
This document may be updated in case of changes in technology, the way personal data is processed or legal requirements. We will inform users of material changes in an appropriate manner.
Last revision date: December 15, 2025