Privacy Policy

Q: Can I withdraw consent for marketing?

Yes, anytime. Via the cookie banner/page or by e-mail to info@y-e.cz.

Q: How long do you keep invoices and accounting documents?

According to statutory periods, usually 5–10 years.

Q: Do you transfer data outside the EU?

Only if necessary and with appropriate safeguards (SCC). Details available on request.

Q: Do you carry out profiling with legal effects?

No, we do not perform such automated decision-making.

How we process and protect your personal data and what rights you have.

This policy describes how YOUNG4ENERGY s.r.o. processes personal data in accordance with GDPR and related Czech legislation. Here you'll find the purposes of processing, legal bases, retention periods, categories of recipients and an overview of your rights.

Data Controller

controller

YOUNG4ENERGY s.r.o.
IČO: 04083351
Registered office: Korunní 595/76, 709 00 Ostrava, Czech Republic
E-mail: info@y-e.cz

If we appoint a Data Protection Officer (DPO), their contact will be listed on this page.
Currently: not appointed.

What data we process and where it comes from

Identification & contact (name, company, reg. no., e-mail, phone, address) – typically provided in an enquiry form or when concluding a contract.
Service / project data (specification, technical parameters, communications, contracts, invoices).
Operational & technical (server logs, security events) – for operation and security.
Marketing / analytics – only if you give consent (see the Cookies page).

Purposes and legal bases

Enquiries, contracts and performance – quotes, project delivery, invoicing, service.
legal basis: contract performance (Art. 6(1)(b))
Communication & relationship management – replying to queries, meeting scheduling, sales pipeline records.
legal basis: legitimate interests (Art. 6(1)(f))
Accounting & legal obligations – tax documents, statutory archiving, compliance.
legal basis: legal obligation (Art. 6(1)(c))
Security & IT operations – logging, abuse prevention, network and service protection.
legal basis: legitimate interests (Art. 6(1)(f))
Analytics & marketing – website measurement, newsletter, personalisation (if enabled).
legal basis: consent (Art. 6(1)(a))

Retention periods

We keep data only as long as necessary considering the purpose and statutory archiving periods. Typical intervals are below; actual retention may differ depending on the contract and legal requirements.

Category	Typical period	Note
Contract & accounting	5–10 years	per statutory periods (e.g. tax laws)
Enquiries & communication	up to 2 years	or for the duration of active negotiations
Security logs	up to 12 months	incident prevention, audit
Marketing / analytics	6–24 months	only with consent; see Cookies

Recipients and transfers to third countries

We share data only when necessary (e.g., accounting, legal and IT providers, hosting, delivery services) or where required by law. We have data processing agreements in place with processors.

For transfers outside the EEA we use appropriate safeguards (notably the EU Standard Contractual Clauses). A list of main recipient categories is available upon request.

Your GDPR rights

Access to data and a copy of processed data
Rectification of inaccurate and completion of incomplete data
Erasure (“right to be forgotten”) where the purpose no longer applies or no legal ground exists
Restriction of processing and the right to object (especially where based on legitimate interests)
Data portability (for data processed on the basis of consent/contract)
Withdrawal of consent at any time (without affecting prior lawful processing)
Complaint to the supervisory authority (Czech DPA – ÚOOÚ)

Exercise your rights by e-mailing info@y-e.cz. We may need to verify your identity to protect your privacy.

Profiling and automated decision-making

We do not carry out automated decision-making with legal effects within the meaning of Art. 22 GDPR. Any segmentation for analytics/marketing is done only with consent and without legal effects.

Security of processing

Encrypted transport (HTTPS/TLS), access segmentation and permission management
Backups & monitoring, software updates and vulnerability remediation
Contractual commitments with processors and strong confidentiality

Processing of children’s data

Our services are not aimed at children under 16. If you believe we inadvertently received a child’s data, please contact us for rectification.

Cookies and similar technologies

See details including categories, legal bases and consent management on the Cookies.

Frequently Asked Questions (FAQ)

Can I withdraw consent for marketing?

How long do you keep invoices and accounting documents?

Do you transfer data outside the EU?

Do you carry out profiling with legal effects?