Principles of personal data protection

  1. The administrator and personal data

  •  The Personal Data Administrator under Article 4 (7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the: “GDPR”) is PBF PLANET AGENCY s.r.o., ompany ID No. 11774738, offices at Keltičkova 1905/44, Ostrava 10, Postcode 710 00

(hereinafter referred to as the: “administrator”).

  • The contact details of the administrator are:
    • e-mail:
    • tel: +420 246 007 520
  • Personal data within the meaning of Regulation (EU) 2016/6792016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / ES (hereinafter referred to as the “GDPR”) is understood to mean any information about an identified or identifiable natural person
  1. Sources and purpose of personal data processing

  • The administrator processes the personal data provided to them, or personal data, which the administrator gained on the basis of orders or contracts.
  • The administrator processes the identification and contact details and data necessary for the execution of orders and contracts, as well as personal data on the basis of legitimate reasons or legitimate interests.
  • The legal reason for the processing of personal data is the performance of contracts under Article 6, paragraph 1 of the GDPR, as well as the legitimate interest of the administrator in providing direct marketing (in particular for sending business messages and newsletters) pursuant to Article 6, paragraph 1, point f of the GDPR, further consent to processing for the purpose of providing direct marketing (in particular for sending business messages and newsletters) in accordance with Article 6, paragraph 1, point a of the GDPR in conjunction with Section 7, paragraph 2 of Act No. 480/2004, Coll., on certain services of the information society in the event of goods or services not being ordered.
  • The purpose of processing personal data is to fulfil orders and exercise rights and obligations arising from contractual relationships. The provision of personal data is a necessary requirement for the conclusion and fulfilment of the contract, without the provision of personal data, it is not possible to conclude the contract or to fulfil it by the administrator, and also to send commercial messages and carry out other marketing activities, including documentation or photo documentation of realized activities and events.

  1. Retention period for personal data

  • The administrator keeps personal data for the time necessary to exercise the rights and obligations arising from the contractual relations, and the enforcement of the claims under these contractual relationships, until the consent to the processing of personal data for marketing purposes is revoked, or for a maximum of 10 years if the personal data is processed by consent.
  • Once the retention period has elapsed, the administrator will erase the personal data.
  1. Recipients of personal data

  • The recipients of personal data are external contractors involved in the delivery of goods, services, and payments, based on contractual relationships, as well as providers of technology for website administration, operation and mediation (,, .
  • An administrator may transfer personal data to third parties, to a third country, and outside the EU for the purpose of implementing contractual relationships, such as flights, cruises, accommodation, insurance, or transfers, for the purpose of processing entry formalities or visas, and for ensuring security, the protection of property, health, or for other legitimate reasons.
  1. Your rights

Under the terms of the GDPR, you have:

  • the right of access to your personal data under Article 15 of the GDPR
  • the right to rectification of personal data under Article 16 of the GDPR, or the restriction of processing under Article 18 of the GDPR
  • the right to delete personal data under Article 17 of the GDPR
  • the right to object to processing under Article 21 of the GDPR
  • the right to data portability under Article 20 GDPR
  • the right to withdraw consent to processing, in writing or electronically, to the address, or the email of the administrator referred to in Article III of these Terms

 Furthermore, you have the right to file a complaint with the Office for Personal Data Protection, in the event that you believe that your privacy has been violated.

  1. Conditions for securing personal data

  • The administrator declares that he has taken all appropriate technical and organizational measures to safeguard personal data, has also taken technical measures to secure the data repositories, as well as the personal data repositories in paper form, and only persons authorized by them may have access.
  1. Closing provisions

  • By submitting an order or an application form from the online form, you acknowledge the privacy terms & conditions, and that you accept them in their entirety. You also agree with these terms & conditions by ticking your consent via the online form.
  • The administrator is entitled to modify these terms & conditions, and publish a new version of the privacy policy on their website.  


These terms & conditions come into force and effect as of 07.08.2023.