Privacy Policy

Q: Can I withdraw consent for marketing?

Yes, anytime. Via e-mail to info@y-e.cz.

Q: How long do you keep invoices and accounting documents?

According to statutory periods, usually 5–10 years.

Q: Do you transfer data outside the EU?

Only if necessary and with appropriate safeguards (SCC). Details available on request.

Q: Do you carry out profiling with legal effects?

No, we do not perform such automated decision-making.

How we process and protect your personal data and what rights you have.

This policy describes how YOUNG4ENERGY s.r.o. processes personal data in accordance with GDPR and related Czech legislation. Here you'll find the purposes of processing, legal bases, retention periods, categories of recipients and an overview of your rights.

Data Controller

controller

YOUNG4ENERGY s.r.o.
IČO: 04083351
Registered office: Korunní 595/76, 709 00 Ostrava, Czech Republic
E-mail: info@y-e.cz

If we appoint a Data Protection Officer (DPO), their contact will be listed on this page.
Currently: not appointed.

What data we process and where it comes from

Identification & contact (name, company, reg. no., e-mail, phone, address) – typically provided in an enquiry form or when concluding a contract.
Service / project data (specification, technical parameters, communications, contracts, invoices).
Operational & technical (server logs, security events) – for operation and security.
Marketing / analytics – only aggregated data without identifying individuals (Umami).

Purposes and legal bases

Enquiries, contracts and performance – quotes, project delivery, invoicing, service.
legal basis: contract performance (Art. 6(1)(b))
Communication & relationship management – replying to queries, meeting scheduling, sales pipeline records.
legal basis: legitimate interests (Art. 6(1)(f))
Accounting & legal obligations – tax documents, statutory archiving, compliance.
legal basis: legal obligation (Art. 6(1)(c))
Security & IT operations – logging, abuse prevention, network and service protection.
legal basis: legitimate interests (Art. 6(1)(f))
Analytics & marketing – anonymous website measurement for improvement (Umami).
legal basis: legitimate interests (Art. 6(1)(f))

Retention periods

We keep data only as long as necessary considering the purpose and statutory archiving periods. Typical intervals are below; actual retention may differ depending on the contract and legal requirements.

Category	Typical period	Note
Contract & accounting	5–10 years	per statutory periods (e.g. tax laws)
Enquiries & communication	up to 2 years	or for the duration of active negotiations
Security logs	up to 12 months	incident prevention, audit
Traffic statistics	unlimited	only anonymized aggregated data

Recipients and transfers to third countries

We share data only when necessary (e.g., accounting, legal and IT providers, hosting, delivery services) or where required by law. We have data processing agreements in place with processors.

Traffic data (Umami) is processed on servers in the EU.

Your GDPR rights

Access to data and a copy of processed data
Rectification of inaccurate and completion of incomplete data
Erasure (“right to be forgotten”) where the purpose no longer applies or no legal ground exists
Restriction of processing and the right to object (especially where based on legitimate interests)
Data portability (for data processed on the basis of consent/contract)
Withdrawal of consent at any time (without affecting prior lawful processing)
Complaint to the supervisory authority (Czech DPA – ÚOOÚ)

Exercise your rights by e-mailing info@y-e.cz. We may need to verify your identity to protect your privacy.

Profiling and automated decision-making

We do not carry out automated decision-making with legal effects within the meaning of Art. 22 GDPR.

Security of processing

Encrypted transport (HTTPS/TLS), access segmentation and permission management
Backups & monitoring, software updates and vulnerability remediation
Contractual commitments with processors and strong confidentiality

Processing of children’s data

Our services are not aimed at children under 16. If you believe we inadvertently received a child’s data, please contact us for rectification.

Cookies and similar technologies

This website does not use cookies for tracking users. More info on the page Cookies & Privacy.

Frequently Asked Questions (FAQ)

Can I withdraw consent for marketing?

How long do you keep invoices and accounting documents?

Do you transfer data outside the EU?

Do you carry out profiling with legal effects?