Privacy of policy
1. října 2025
1. října 2025
1. října 2025
ADMINISTRATOR CODE:
We respect the need for privacy, including, but not limited to, any personal data.
We always process personal data in accordance with this Privacy Policy and applicable laws, such as Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC ("General Regulation").
When using the Application and/or providing any personal data to the Administrator, you are responsible for ensuring that your actions comply with this Privacy Policy, and you guarantee that all personal data you provide to us about yourself, your children, or third parties is accurate and that you are authorized to provide us with such personal data.
We may use cookies and similar tracking technologies to track activity related to the www.app2us.app website or the Application. For more information, see below.
We take all reasonable steps to ensure that your data is treated securely and in accordance with this Privacy Policy and that no personal data is transferred to any organization or country that does not guarantee adequate procedures and controls to ensure the security of your personal data.
1. INTRODUCTORY INFORMATION
1.1 Joint controllers: Mgr. Michaela Radoušová, attorney and registered mediator with registered office at Voršilská 130/10, 110 00 Prague, ID No.: 66252989, and Mgr. Andrea Vyskočilová, attorney, registered mediator and registered family mediator, with registered office at Klidná 298/33, 160 00 Prague 6, ID No. 62564421 (jointly or separately hereinafter also referred to as the "Controller" or "Controllers") hereby provide information on the basic principles and rules of personal data protection in accordance with Regulation (EU) No. 2016/679 of the European Parliament and of the Council of 27 4, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter also referred to as the "General Regulation"), on the basis of which, as Controllers of personal data in connection with the conclusion of a contract for the provision of a license to use the app2us (hereinafter also referred to as the "Application"), in connection with the provision of a license authorizing the User to use the Application, and in connection with the operation of the website at www.app2us.cz, process the personal data of the Application user (hereinafter also referred to as the "User" or "Data Subject").
1.2 This information on the processing of personal data, including special categories of personal data (hereinafter also referred to as "Information"), serves to properly inform the User about the scope, purpose, and duration of the processing of personal data and to instruct the User about their rights in connection with the protection of such data.
2. WHO IS THE PERSONAL DATA CONTROLLER
2.1 The personal data controller is the Controller specified in Article 1 of this Information.
2.2 Mgr. Michaela Radoušová and Mgr. Andrea Vyskočilová have entered into an agreement on the regulation of the rights and obligations of joint controllers (hereinafter also referred to as the "Agreement"), in which they have defined their rights and obligations, including responsibility for issues related to the processing of personal data and sensitive personal data. In accordance with the Agreement, the contact person for the Data Subject is Mgr. Michaela Radoušová, who is also responsible for the fundamental rights of Data Subjects as defined further in this document. Mgr. Andrea Vyskočilová is responsible for updating records on the processing of personal data and for reporting security breaches. The controllers are jointly responsible for other obligations.
CONTROLLER'S CONTACT DETAILS
3.1 The controller provides the data subject with the following contact details:
(a) The controller can be contacted in writing at the following address: Voršilská 130/10, 110 00 Prague 1
(b) The controller can also be contacted via email at: support@app2us.app
(c) The controller can be contacted via data box: zwrgib5
(d) The controller can be contacted by telephone at: 00420 793 967 957
(e) The controller does not have a data protection officer.
4. PERSONAL DATA
4.1 What constitutes personal data. Personal data is any information relating to an identified or identifiable natural person (human being) on the basis of which a specific natural person can be directly or indirectly identified. Such a person is then referred to as a data subject.
Personal data includes, for example, name and surname, gender, age, date of birth, marital status, photograph, birth number, place of residence, telephone number, e-mail, location data, network identifier, account username, health insurance data, citizenship, height, weight, biometric data, etc.
4.2 Scope of personal data processing. Personal data is processed to the following extent:
(a) first name, last name, email address, User password
(b) information, data, documents, and contacts to the extent that the User enters them into the Application (typically gender, age, marital status, photograph, place of residence, address, email address, telephone number, date of birth, birth number (if applicable), marital status and family situation, contacts, documents, etc.)
(c) IP address and login metadata
The scope of personal data processing varies in each case depending on what data the User enters into the Application. Please note that the User is responsible for the legality of entering and the accuracy of third-party personal data entered into the Application.
4.3 Purpose and legal basis for processing personal data. In connection with the User's use of the Application, the Controller processes and stores personal data for the following purposes under the conditions and within the limits set by applicable law:
(a) contacting and identifying the User,
(b) securing the User account and data,
(c) registering and managing user accounts in the Application,
(d) providing the Application for use by the User in accordance with its purpose,
(e) monitoring the safe use of the Application and the website www.app2us.cz,
(f) keeping internal records of Users,
(g) keeping the Administrator's accounts,
(h) receiving payments (license fees) and keeping records required by law,
(i) informing the User about news in the Application,
(j) analytics,
(k) marketing purposes, including sending marketing and educational materials and providing other information that may be of interest to Users,
(l) fulfilling the Administrator's obligations under the license agreement with the User (Application usage agreement) and as required by law, and
(m) ensuring other activities and services related to the provision of a license to use the Application,
(n) protection of the legitimate interests of the Administrator,
(o) protection against misuse of the Application.
The Administrator may process personal data if necessary to fulfill legal obligations that apply to it under the provisions of Article 6(1)(c) of the General Regulation.
In some cases, the Controller may process personal data for the purpose of protecting the legitimate interests of the Controller pursuant to Article 6(1)(f) of the General Regulation.
5. SPECIAL CATEGORIES OF PERSONAL DATA
5.1 What belongs to the special category of personal data. Special categories of personal data include data on the racial origin of the data subject, data on his or her ethnic origin, data on political opinions, religious or philosophical beliefs or trade union membership, data on health (physical and mental), data on sexual life or sexual orientation, genetic data, biometric data, such as fingerprints, handwritten signatures, facial images, retinal images, etc.
5.2 Scope of processing of Clients' personal data belonging to a special category of personal data. Personal data belonging to a special category of personal data are processed to the extent that the User voluntarily enters them into the Application or in connection with the use of the Application (e.g., to log into a user account in the Application).
5.3 Purpose and legal basis for the processing of Users' personal data belonging to a special category of personal data. The Controller processes this personal data for the purpose of providing a service (use of the Application by the User) on the basis of the User's consent (i.e., voluntary entry).
6. PERSONAL DATA PROCESSING PERIOD
6.1 Personal data will be processed for the following period:
(a) login details and entered data for the duration of use of the Application (until the User cancels their account). In the event of cancellation of the User account, the personal data entered by the User into the Application will be deleted after a period of 30 days from the closure of the User account;
(b) data that the Administrator has a legal obligation to process will be processed for the period specified by the relevant legal regulations;
(c) The email address will be used by the Administrator for marketing mailings for the duration of use of the Application and for 2 years after termination of use, unless the User prohibits such mailings to the Administrator.
(d) the processing time for individual cookies is specified in the relevant cookie bar;
(e) The User's personal data used for the purposes of analytics and improvement of the Application will be processed for the necessary period (in the order of months), after which the data will be aggregated or deleted;
(f) Personal data necessary to protect the legitimate interests of the Controller will be processed for as long as necessary (for the duration of the Controller's legitimate interest).
6.2 The Controller may store data on the use of the Application and the website www.app2us.app for internal analysis purposes. Usage data is generally stored for a shorter period of time, except where such data is used to enhance security or improve the functionality of the Application, or where the Controller has a legal obligation to store such data for a longer period of time.
6.3 Personal data contained in records for accounting purposes will be retained for the period specified by the laws governing accounting. Personal data contained in tax documents will be retained for the period specified by the laws governing value added tax.
6.4 After the expiry of the above-mentioned periods, the electronic record will be deleted.
7. METHOD OF PERSONAL DATA PROCESSING
7.1 The personal data of the data subject is processed automatically by the Controller or its employees or cooperating entities.
7.2 The personal data of Users will also be processed to the extent necessary by personal data processors under the conditions of Article 28 of the General Regulation, in particular on the basis of the Controller's written authorization and on the basis of a contract concluded between the Controller and the processor. The personal data processors are IT service providers (Think Easy s.r.o., ID No. 058 24 541, with its registered office at Žitomírská 599/38, Prague 10 Vršovice, registered in the Commercial Register maintained by the Municipal Court in Prague under file no. C 271500), the Controller's accountants/tax advisors (Patricie Matoušová, with its registered office at Dolní Sloupnice 80, 56553 Sloupnice, ID No. 40680029, registered with the Chamber of Tax Advisors of the Czech Republic under No. 3438), lawyers representing the Administrator in the provision of legal services, marketing specialists (Ing. Marcela Střelcová, with registered office at Čeladná 411, 739 12 Čeladná, ID No. 73343501).
7.3 The Administrator may send personal data securely encrypted via https (hypertext transfer protocol secure) to the API (application programming interfaces) of the following third parties: Microsoft, Google, and Apple. These companies have joined the Data Privacy Framework program.
7.4 The User's personal data may be transferred (and stored) to a computer located outside the Czech Republic and under a jurisdiction other than Czech jurisdiction, where data protection laws may differ from those of the Czech Republic. However, these are always countries within the EU and, in the case of American tools, those that have joined the Data Privacy Framework program. The Controller stores all personal data for the purpose of fulfilling its legal obligations, for the purposes of legitimate interests, and for the fulfillment of the Controller's obligations towards the User, regardless of their location.
7.5 All data entered by the User into the Application will be stored in a database operated by Amazon Web Services on servers in the European Union. Data transfer between the Application and servers is carried out in Encryption in Transit mode, and data storage is carried out in Encryption at Rest mode .
8. SOURCES OF PERSONAL DATA
8.1 The Controller may only obtain data from the Data Subject.
9. INFORMATION ABOUT POSSIBLE RECIPIENTS AND THE INTENTION TO TRANSFER PERSONAL DATA
9.1 Personal data will only be transferred or made available in necessary cases, in particular for the purpose of fulfilling obligations arising from accounting and tax regulations, providing IT services, providing marketing specialist services, and providing maintenance services for the Application.
9.2 The Controller may provide the User's personal data to a third party, in particular in connection with:
(a) Business transactions
The Controller may provide the User's personal data to a third party that acquires the entire business of the Controller or its assets or a substantial part thereof. If the Controller does so, it will inform such third party of the requirement to process the User's personal data in accordance with this Privacy Policy.
(b) Law enforcement
In certain circumstances, the Controller may be required to disclose the User's personal data by law or in response to requests (summonses) from public authorities (e.g., courts).
(c) Legal requirements
The Controller may disclose personal data if it believes in good faith that such disclosure is necessary for the purpose of: (i) complying with a legal obligation, (ii) protecting and/or defending the rights or property of the Controller, (iii) preventing or investigating possible illegal activity in connection with the Application, (iv) protecting the safety of Users or the public.
9.3 The following entities – processors – may have access to personal data, in particular for the purposes of operation, security, maintenance, and marketing activities related to the Application:
(a) entities cooperating with the Administrator in the operation, maintenance, and administration of the Application, and the operation, maintenance, and administration of the app2us.cz website;
(b) hosting providers;
(c) the Controller's advertising partners; or
(d) partners providing services for the purpose of fulfilling the Administrator's obligations arising from the provision and operation of the Application, such as delivery and payment providers,
(e) entities cooperating with the Administrator in the area of marketing and promotion of the Application,
(f) the Administrator's tax and accounting advisors,
who will then act as personal data processors.
10. TRACKING, COOKIES, AND IP ADDRESSES
10.1 Cookies are computer files with a small amount of data that may contain an anonymous unique identifier. Cookies are sent to the User's browser from a website and stored on the User's device. Tracking technologies also use beacons, tags, and scripts to collect and track information and to improve and analyze the www.app2us.app website and the Application. Cookies allow the Administrator to recognize whether the User has re-entered the Administrator's website from the same device, record some of the User's stored parameters, and verify whether the User belongs to a specific category of users to whom certain communications should be targeted. The Administrator may use, for example, the following categories of cookies:
(a) technical cookies for the operation of the website and the Application;
(b) preference cookies to remember the User's preferences and various settings;
(c) security cookies for security purposes;
(d) analytical cookies;
(e) marketing cookies.
10.2 The Administrator may process technical and security cookies even without the User's consent – without these cookies, the Application and website would not be fully and securely functional.
10.3 The Administrator may process preference, analytical, and marketing cookies only with the User's consent.
10.4 Cookies for the purposes of personalizing advertisements and commercial communications, providing social media functions, and analyzing traffic are shared by the Administrator with its partners, operating mainly in the field of social media, advertising, and analysis.
10.5 The User may set their browser to prevent the use of cookies, with the exception of technical and security cookies or similar, or to indicate when a cookie is being sent.
10.6 When the User first visits the Administrator's website, the User will be asked whether they agree to the processing of cookies for preference, analytical, and marketing purposes.
10.7 With the User's consent, the Administrator may use Google Analytics and similar services that collect third-party cookies. Google Analytics is a web analytics service provided by Google that tracks and reports website traffic. In addition to Google Analytics, Google also uses Google Tag Manager, a tag management system created by Google to manage JavaScript and HTML tags used for tracking and analysis on websites. Information about the use of the website and the Application (including the User's IP address), generated by cookies, will be transferred and stored by Google on servers in the United States and other countries. Google will use this information for the purpose of evaluating the use of the website and the Application by the User, compiling reports on website activity for the Administrator, and providing other services relating to website and Application activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. For more information, please see Google's privacy policy at: https://policies.google.com/privacy.
10.8 Services and communications generated by the use of the Application and the www.app2us.app website, such as promotional emails, may also contain electronic images known as "web beacons" or "tracking pixels." Tracking pixels generally work in conjunction with cookies, and the Administrator is entitled to use them in the same way as cookies (see above).
10.9 Consent to the processing of cookies can be withdrawn at any time. For example, through the website www.app2us.app and by adjusting the cookie settings.
10.10 Specific cookies, their purpose, provider, and expiration date can be found in the cookie bar overview at www.app2us.cz.
11. DIRECT MARKETING
11.1 Section 7(3) of Act No. 480/2004 Coll., on Information Society Services, allows the Controller to use the User's electronic contacts (in particular their email address) for the purpose of sending commercial communications, unless the User excludes this.
11.2 The administrator may use the email address to communicate promotional messages for the duration of the User's use of the Application and for a further 2 years after its termination (deletion of the user account).
11.3 The User may unsubscribe from marketing communications by deactivating this function via the unsubscribe link provided in each email or other communication they receive, or by sending an email request to planovac@app2us.cz stating that they wish to unsubscribe from marketing communications.
12. SECURITY
12.1 The Controller stores all personal data securely. It has therefore implemented adequate physical, technical, and organizational measures and plans to protect and secure personal data (which, however, do not relieve the User of their responsibility to take appropriate steps to secure their data, especially when transferring it). The Controller's goal is to eliminate any unauthorized or illegal processing of personal data, as well as any accidental, unauthorized, or illegal access, use, transfer, processing, copying, alteration, loss, or damage to personal data.
12.2 If the user chooses a password that allows them to access the Application, they are responsible for maintaining the strength and confidentiality of that password.
12.3 The User acknowledges that the transmission of information over the Internet is never completely secure. Although the Administrator has made every effort to protect the User's personal data, it cannot guarantee the security of personal data transmitted by the User. Any such transmission is at the User's own risk. Once the Administrator receives personal data, it will use strict procedures and security measures to protect personal data and prevent unauthorized access.
12.4 To maintain the highest standard of personal data protection, all information provided by the User to the Administrator is stored on secure servers behind firewalls. The Administrator restricts access to personal data to employees, contractors, and cooperating entities who need access to personal data for the purpose of operating, developing, or improving the Application.
12.5 Certain parts of the Application use Secure Sockets Layer (SSL) or other types of encryption. The Controller backs up all User data in a data center located in the European Union, which allows for rapid recovery in the event of a disaster or other similar event, and whenever possible, the Controller ensures the pseudonymization or anonymization of all personal or related data (except for names and email addresses).
12.6 In the event that, despite the Administrator's best efforts, a personal data breach occurs that could compromise the User's rights, the Administrator shall, without undue delay and, if possible, within 72 hours of becoming aware of such a breach, the Administrator shall notify the supervisory authority and, if the User's personal data was part of the breach and none of the exceptions listed below apply, also the User. The Administrator shall provide the User with information about the nature of the breach, the measures implemented, and the likely consequences of such a breach.
13. INFORMATION ON THE RIGHTS OF DATA SUBJECTS
13.1 The data subject has the right to request the Controller to provide information about the processing of their personal data, the purpose and nature of the processing of personal data, and the recipients of personal data, as well as the right to request an explanation of why the data is being processed in a given manner; the information is provided free of charge, unless the request is disproportionate or unreasonable; in such a case, the Controller may refuse to provide the information.
13.2 The data subject has the right to have the Controller correct inaccurate personal data concerning him or her without undue delay. Taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by means of providing a supplementary statement.
13.3 The data subject has the right to have the Controller erase, without undue delay, personal data relating to the data subject that are not subject to archiving obligations, and the Controller has the obligation to erase personal data that are not subject to archiving obligations without undue delay if any of the reasons specified in the General Regulation apply. The deletion of the User's personal data may result in the Administrator's inability to fulfill its obligations under the license agreement, i.e., the actual impossibility of further use of the Application.
13.4 The data subject has the right to have the Controller restrict the processing of personal data in cases specified by the General Regulation.
13.5 The data subject has the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data.
13.6 Given that the Controller processes personal data automatically, the Data Subject has the right to obtain this data in a structured, commonly used format.
13.7 For the purposes of granting a license to use the Application, the User's consent to the processing of personal data is not required.
13.8 If the processing of certain personal data is based on the consent of the Data Subject, the Data Subject has the right to withdraw this consent at any time, in particular in writing by sending it to the contact address of the Controller (Article 3, paragraph 3.1, letter (a) above), by e-mail to planovac@app2us.cz, or via a data box. Withdrawal of consent does not affect the processing of personal data prior to withdrawal of consent.
13.9 If the Data Subject believes that there has been a violation of legal regulations in connection with the protection of their personal data, they have the right to lodge a complaint with the supervisory authority, which in the Czech Republic is the Office for Personal Data Protection, located at Pplk. Sochora 727/27, 170 00 Prague, https://www.uoou.cz. A list of the relevant supervisory authorities in the European Union is available at https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index.
14. SURVEYS AND REFERENCES
14.1 The controller may request information through surveys. Participation in these surveys is voluntary, and the user can decide whether to participate and provide the requested information. The requested information may include contact details (such as name, phone number, and email address). Contact details will be used to share results if the participant chooses to receive them. Information from the survey will be used for research, monitoring, or improving the user experience and satisfaction with the Application.
14.2 The Administrator may publish various texts, such as references, quotes, case studies, white papers, etc., on its website; such published texts may contain personal data. Before publication, the Administrator will obtain the User's consent to publish their name along with such text. If the User wishes to update or delete any text containing their personal data, they may contact the Administrator atadreseplanovac@app2us.cz .
15. FINAL PROVISIONS
15.1 The Administrator's website or the Application may contain links to partner websites, in particular experts in fields related to the purpose of the Application, as well as links from these websites to the Administrator's website www.app2us.cz or to the Application. If the User follows a link to any of these websites, they acknowledge that these websites have their own privacy policies and that the Administrator accepts no responsibility for these third-party policies. Before submitting any personal data to these third-party websites, the User should check their policies.
15.2 The Application is intended for adults – parents. Due to the fact that the Application was created to support parenting, the Administrator also collects and processes the personal data of children that their parents enter into the Application. By entering the child's personal data into the Application and continuing to use the Application, the User expresses their consent to the processing of their child's personal data in accordance with this Policy. In the case of a child over 12 years of age, the User further confirms that the child also consents to the processing of their personal data.
15.3 The Administrator is entitled to change, modify, or supplement this Privacy Policy at any time and for any reason. Any new version of this Privacy Policy replaces the previous version on the effective date of the new version. If the User is a registered user and the Controller has their email address, the User will be notified of any material changes to this Privacy Policy at that email address.
15.4 Any questions regarding this Privacy Policy or the Administrator's personal data protection practices may be addressed to the Administrator at support@app2us.app.
15.5 User data is not profiled, and the Administrator does not perform automated decision-making.
15.6 This Privacy Policy has been drawn up in Czech and English. In the event of any discrepancy between these versions, the Czech version shall be decisive and binding for the purposes of interpreting and applying these terms and conditions.
By installing the Application on your device and creating a user account in the Application, you confirm that you have read and understood the above information and that you agree to the processing of personal data, including data relating to your children (to the extent that you have entered your children's personal data into the Application), or, in the case of children over 12 years of age, that your children consent to the processing of their personal data, including its transfer to recipients for processing to the extent specified above.
Prague, June 18, 2025
ADMINISTRATOR CODE:
We respect the need for privacy, including, but not limited to, any personal data.
We always process personal data in accordance with this Privacy Policy and applicable laws, such as Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC ("General Regulation").
When using the Application and/or providing any personal data to the Administrator, you are responsible for ensuring that your actions comply with this Privacy Policy, and you guarantee that all personal data you provide to us about yourself, your children, or third parties is accurate and that you are authorized to provide us with such personal data.
We may use cookies and similar tracking technologies to track activity related to the www.app2us.app website or the Application. For more information, see below.
We take all reasonable steps to ensure that your data is treated securely and in accordance with this Privacy Policy and that no personal data is transferred to any organization or country that does not guarantee adequate procedures and controls to ensure the security of your personal data.
1. INTRODUCTORY INFORMATION
1.1 Joint controllers: Mgr. Michaela Radoušová, attorney and registered mediator with registered office at Voršilská 130/10, 110 00 Prague, ID No.: 66252989, and Mgr. Andrea Vyskočilová, attorney, registered mediator and registered family mediator, with registered office at Klidná 298/33, 160 00 Prague 6, ID No. 62564421 (jointly or separately hereinafter also referred to as the "Controller" or "Controllers") hereby provide information on the basic principles and rules of personal data protection in accordance with Regulation (EU) No. 2016/679 of the European Parliament and of the Council of 27 4, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter also referred to as the "General Regulation"), on the basis of which, as Controllers of personal data in connection with the conclusion of a contract for the provision of a license to use the app2us (hereinafter also referred to as the "Application"), in connection with the provision of a license authorizing the User to use the Application, and in connection with the operation of the website at www.app2us.cz, process the personal data of the Application user (hereinafter also referred to as the "User" or "Data Subject").
1.2 This information on the processing of personal data, including special categories of personal data (hereinafter also referred to as "Information"), serves to properly inform the User about the scope, purpose, and duration of the processing of personal data and to instruct the User about their rights in connection with the protection of such data.
2. WHO IS THE PERSONAL DATA CONTROLLER
2.1 The personal data controller is the Controller specified in Article 1 of this Information.
2.2 Mgr. Michaela Radoušová and Mgr. Andrea Vyskočilová have entered into an agreement on the regulation of the rights and obligations of joint controllers (hereinafter also referred to as the "Agreement"), in which they have defined their rights and obligations, including responsibility for issues related to the processing of personal data and sensitive personal data. In accordance with the Agreement, the contact person for the Data Subject is Mgr. Michaela Radoušová, who is also responsible for the fundamental rights of Data Subjects as defined further in this document. Mgr. Andrea Vyskočilová is responsible for updating records on the processing of personal data and for reporting security breaches. The controllers are jointly responsible for other obligations.
CONTROLLER'S CONTACT DETAILS
3.1 The controller provides the data subject with the following contact details:
(a) The controller can be contacted in writing at the following address: Voršilská 130/10, 110 00 Prague 1
(b) The controller can also be contacted via email at: support@app2us.app
(c) The controller can be contacted via data box: zwrgib5
(d) The controller can be contacted by telephone at: 00420 793 967 957
(e) The controller does not have a data protection officer.
4. PERSONAL DATA
4.1 What constitutes personal data. Personal data is any information relating to an identified or identifiable natural person (human being) on the basis of which a specific natural person can be directly or indirectly identified. Such a person is then referred to as a data subject.
Personal data includes, for example, name and surname, gender, age, date of birth, marital status, photograph, birth number, place of residence, telephone number, e-mail, location data, network identifier, account username, health insurance data, citizenship, height, weight, biometric data, etc.
4.2 Scope of personal data processing. Personal data is processed to the following extent:
(a) first name, last name, email address, User password
(b) information, data, documents, and contacts to the extent that the User enters them into the Application (typically gender, age, marital status, photograph, place of residence, address, email address, telephone number, date of birth, birth number (if applicable), marital status and family situation, contacts, documents, etc.)
(c) IP address and login metadata
The scope of personal data processing varies in each case depending on what data the User enters into the Application. Please note that the User is responsible for the legality of entering and the accuracy of third-party personal data entered into the Application.
4.3 Purpose and legal basis for processing personal data. In connection with the User's use of the Application, the Controller processes and stores personal data for the following purposes under the conditions and within the limits set by applicable law:
(a) contacting and identifying the User,
(b) securing the User account and data,
(c) registering and managing user accounts in the Application,
(d) providing the Application for use by the User in accordance with its purpose,
(e) monitoring the safe use of the Application and the website www.app2us.cz,
(f) keeping internal records of Users,
(g) keeping the Administrator's accounts,
(h) receiving payments (license fees) and keeping records required by law,
(i) informing the User about news in the Application,
(j) analytics,
(k) marketing purposes, including sending marketing and educational materials and providing other information that may be of interest to Users,
(l) fulfilling the Administrator's obligations under the license agreement with the User (Application usage agreement) and as required by law, and
(m) ensuring other activities and services related to the provision of a license to use the Application,
(n) protection of the legitimate interests of the Administrator,
(o) protection against misuse of the Application.
The Administrator may process personal data if necessary to fulfill legal obligations that apply to it under the provisions of Article 6(1)(c) of the General Regulation.
In some cases, the Controller may process personal data for the purpose of protecting the legitimate interests of the Controller pursuant to Article 6(1)(f) of the General Regulation.
5. SPECIAL CATEGORIES OF PERSONAL DATA
5.1 What belongs to the special category of personal data. Special categories of personal data include data on the racial origin of the data subject, data on his or her ethnic origin, data on political opinions, religious or philosophical beliefs or trade union membership, data on health (physical and mental), data on sexual life or sexual orientation, genetic data, biometric data, such as fingerprints, handwritten signatures, facial images, retinal images, etc.
5.2 Scope of processing of Clients' personal data belonging to a special category of personal data. Personal data belonging to a special category of personal data are processed to the extent that the User voluntarily enters them into the Application or in connection with the use of the Application (e.g., to log into a user account in the Application).
5.3 Purpose and legal basis for the processing of Users' personal data belonging to a special category of personal data. The Controller processes this personal data for the purpose of providing a service (use of the Application by the User) on the basis of the User's consent (i.e., voluntary entry).
6. PERSONAL DATA PROCESSING PERIOD
6.1 Personal data will be processed for the following period:
(a) login details and entered data for the duration of use of the Application (until the User cancels their account). In the event of cancellation of the User account, the personal data entered by the User into the Application will be deleted after a period of 30 days from the closure of the User account;
(b) data that the Administrator has a legal obligation to process will be processed for the period specified by the relevant legal regulations;
(c) The email address will be used by the Administrator for marketing mailings for the duration of use of the Application and for 2 years after termination of use, unless the User prohibits such mailings to the Administrator.
(d) the processing time for individual cookies is specified in the relevant cookie bar;
(e) The User's personal data used for the purposes of analytics and improvement of the Application will be processed for the necessary period (in the order of months), after which the data will be aggregated or deleted;
(f) Personal data necessary to protect the legitimate interests of the Controller will be processed for as long as necessary (for the duration of the Controller's legitimate interest).
6.2 The Controller may store data on the use of the Application and the website www.app2us.app for internal analysis purposes. Usage data is generally stored for a shorter period of time, except where such data is used to enhance security or improve the functionality of the Application, or where the Controller has a legal obligation to store such data for a longer period of time.
6.3 Personal data contained in records for accounting purposes will be retained for the period specified by the laws governing accounting. Personal data contained in tax documents will be retained for the period specified by the laws governing value added tax.
6.4 After the expiry of the above-mentioned periods, the electronic record will be deleted.
7. METHOD OF PERSONAL DATA PROCESSING
7.1 The personal data of the data subject is processed automatically by the Controller or its employees or cooperating entities.
7.2 The personal data of Users will also be processed to the extent necessary by personal data processors under the conditions of Article 28 of the General Regulation, in particular on the basis of the Controller's written authorization and on the basis of a contract concluded between the Controller and the processor. The personal data processors are IT service providers (Think Easy s.r.o., ID No. 058 24 541, with its registered office at Žitomírská 599/38, Prague 10 Vršovice, registered in the Commercial Register maintained by the Municipal Court in Prague under file no. C 271500), the Controller's accountants/tax advisors (Patricie Matoušová, with its registered office at Dolní Sloupnice 80, 56553 Sloupnice, ID No. 40680029, registered with the Chamber of Tax Advisors of the Czech Republic under No. 3438), lawyers representing the Administrator in the provision of legal services, marketing specialists (Ing. Marcela Střelcová, with registered office at Čeladná 411, 739 12 Čeladná, ID No. 73343501).
7.3 The Administrator may send personal data securely encrypted via https (hypertext transfer protocol secure) to the API (application programming interfaces) of the following third parties: Microsoft, Google, and Apple. These companies have joined the Data Privacy Framework program.
7.4 The User's personal data may be transferred (and stored) to a computer located outside the Czech Republic and under a jurisdiction other than Czech jurisdiction, where data protection laws may differ from those of the Czech Republic. However, these are always countries within the EU and, in the case of American tools, those that have joined the Data Privacy Framework program. The Controller stores all personal data for the purpose of fulfilling its legal obligations, for the purposes of legitimate interests, and for the fulfillment of the Controller's obligations towards the User, regardless of their location.
7.5 All data entered by the User into the Application will be stored in a database operated by Amazon Web Services on servers in the European Union. Data transfer between the Application and servers is carried out in Encryption in Transit mode, and data storage is carried out in Encryption at Rest mode .
8. SOURCES OF PERSONAL DATA
8.1 The Controller may only obtain data from the Data Subject.
9. INFORMATION ABOUT POSSIBLE RECIPIENTS AND THE INTENTION TO TRANSFER PERSONAL DATA
9.1 Personal data will only be transferred or made available in necessary cases, in particular for the purpose of fulfilling obligations arising from accounting and tax regulations, providing IT services, providing marketing specialist services, and providing maintenance services for the Application.
9.2 The Controller may provide the User's personal data to a third party, in particular in connection with:
(a) Business transactions
The Controller may provide the User's personal data to a third party that acquires the entire business of the Controller or its assets or a substantial part thereof. If the Controller does so, it will inform such third party of the requirement to process the User's personal data in accordance with this Privacy Policy.
(b) Law enforcement
In certain circumstances, the Controller may be required to disclose the User's personal data by law or in response to requests (summonses) from public authorities (e.g., courts).
(c) Legal requirements
The Controller may disclose personal data if it believes in good faith that such disclosure is necessary for the purpose of: (i) complying with a legal obligation, (ii) protecting and/or defending the rights or property of the Controller, (iii) preventing or investigating possible illegal activity in connection with the Application, (iv) protecting the safety of Users or the public.
9.3 The following entities – processors – may have access to personal data, in particular for the purposes of operation, security, maintenance, and marketing activities related to the Application:
(a) entities cooperating with the Administrator in the operation, maintenance, and administration of the Application, and the operation, maintenance, and administration of the app2us.cz website;
(b) hosting providers;
(c) the Controller's advertising partners; or
(d) partners providing services for the purpose of fulfilling the Administrator's obligations arising from the provision and operation of the Application, such as delivery and payment providers,
(e) entities cooperating with the Administrator in the area of marketing and promotion of the Application,
(f) the Administrator's tax and accounting advisors,
who will then act as personal data processors.
10. TRACKING, COOKIES, AND IP ADDRESSES
10.1 Cookies are computer files with a small amount of data that may contain an anonymous unique identifier. Cookies are sent to the User's browser from a website and stored on the User's device. Tracking technologies also use beacons, tags, and scripts to collect and track information and to improve and analyze the www.app2us.app website and the Application. Cookies allow the Administrator to recognize whether the User has re-entered the Administrator's website from the same device, record some of the User's stored parameters, and verify whether the User belongs to a specific category of users to whom certain communications should be targeted. The Administrator may use, for example, the following categories of cookies:
(a) technical cookies for the operation of the website and the Application;
(b) preference cookies to remember the User's preferences and various settings;
(c) security cookies for security purposes;
(d) analytical cookies;
(e) marketing cookies.
10.2 The Administrator may process technical and security cookies even without the User's consent – without these cookies, the Application and website would not be fully and securely functional.
10.3 The Administrator may process preference, analytical, and marketing cookies only with the User's consent.
10.4 Cookies for the purposes of personalizing advertisements and commercial communications, providing social media functions, and analyzing traffic are shared by the Administrator with its partners, operating mainly in the field of social media, advertising, and analysis.
10.5 The User may set their browser to prevent the use of cookies, with the exception of technical and security cookies or similar, or to indicate when a cookie is being sent.
10.6 When the User first visits the Administrator's website, the User will be asked whether they agree to the processing of cookies for preference, analytical, and marketing purposes.
10.7 With the User's consent, the Administrator may use Google Analytics and similar services that collect third-party cookies. Google Analytics is a web analytics service provided by Google that tracks and reports website traffic. In addition to Google Analytics, Google also uses Google Tag Manager, a tag management system created by Google to manage JavaScript and HTML tags used for tracking and analysis on websites. Information about the use of the website and the Application (including the User's IP address), generated by cookies, will be transferred and stored by Google on servers in the United States and other countries. Google will use this information for the purpose of evaluating the use of the website and the Application by the User, compiling reports on website activity for the Administrator, and providing other services relating to website and Application activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. For more information, please see Google's privacy policy at: https://policies.google.com/privacy.
10.8 Services and communications generated by the use of the Application and the www.app2us.app website, such as promotional emails, may also contain electronic images known as "web beacons" or "tracking pixels." Tracking pixels generally work in conjunction with cookies, and the Administrator is entitled to use them in the same way as cookies (see above).
10.9 Consent to the processing of cookies can be withdrawn at any time. For example, through the website www.app2us.app and by adjusting the cookie settings.
10.10 Specific cookies, their purpose, provider, and expiration date can be found in the cookie bar overview at www.app2us.cz.
11. DIRECT MARKETING
11.1 Section 7(3) of Act No. 480/2004 Coll., on Information Society Services, allows the Controller to use the User's electronic contacts (in particular their email address) for the purpose of sending commercial communications, unless the User excludes this.
11.2 The administrator may use the email address to communicate promotional messages for the duration of the User's use of the Application and for a further 2 years after its termination (deletion of the user account).
11.3 The User may unsubscribe from marketing communications by deactivating this function via the unsubscribe link provided in each email or other communication they receive, or by sending an email request to planovac@app2us.cz stating that they wish to unsubscribe from marketing communications.
12. SECURITY
12.1 The Controller stores all personal data securely. It has therefore implemented adequate physical, technical, and organizational measures and plans to protect and secure personal data (which, however, do not relieve the User of their responsibility to take appropriate steps to secure their data, especially when transferring it). The Controller's goal is to eliminate any unauthorized or illegal processing of personal data, as well as any accidental, unauthorized, or illegal access, use, transfer, processing, copying, alteration, loss, or damage to personal data.
12.2 If the user chooses a password that allows them to access the Application, they are responsible for maintaining the strength and confidentiality of that password.
12.3 The User acknowledges that the transmission of information over the Internet is never completely secure. Although the Administrator has made every effort to protect the User's personal data, it cannot guarantee the security of personal data transmitted by the User. Any such transmission is at the User's own risk. Once the Administrator receives personal data, it will use strict procedures and security measures to protect personal data and prevent unauthorized access.
12.4 To maintain the highest standard of personal data protection, all information provided by the User to the Administrator is stored on secure servers behind firewalls. The Administrator restricts access to personal data to employees, contractors, and cooperating entities who need access to personal data for the purpose of operating, developing, or improving the Application.
12.5 Certain parts of the Application use Secure Sockets Layer (SSL) or other types of encryption. The Controller backs up all User data in a data center located in the European Union, which allows for rapid recovery in the event of a disaster or other similar event, and whenever possible, the Controller ensures the pseudonymization or anonymization of all personal or related data (except for names and email addresses).
12.6 In the event that, despite the Administrator's best efforts, a personal data breach occurs that could compromise the User's rights, the Administrator shall, without undue delay and, if possible, within 72 hours of becoming aware of such a breach, the Administrator shall notify the supervisory authority and, if the User's personal data was part of the breach and none of the exceptions listed below apply, also the User. The Administrator shall provide the User with information about the nature of the breach, the measures implemented, and the likely consequences of such a breach.
13. INFORMATION ON THE RIGHTS OF DATA SUBJECTS
13.1 The data subject has the right to request the Controller to provide information about the processing of their personal data, the purpose and nature of the processing of personal data, and the recipients of personal data, as well as the right to request an explanation of why the data is being processed in a given manner; the information is provided free of charge, unless the request is disproportionate or unreasonable; in such a case, the Controller may refuse to provide the information.
13.2 The data subject has the right to have the Controller correct inaccurate personal data concerning him or her without undue delay. Taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by means of providing a supplementary statement.
13.3 The data subject has the right to have the Controller erase, without undue delay, personal data relating to the data subject that are not subject to archiving obligations, and the Controller has the obligation to erase personal data that are not subject to archiving obligations without undue delay if any of the reasons specified in the General Regulation apply. The deletion of the User's personal data may result in the Administrator's inability to fulfill its obligations under the license agreement, i.e., the actual impossibility of further use of the Application.
13.4 The data subject has the right to have the Controller restrict the processing of personal data in cases specified by the General Regulation.
13.5 The data subject has the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data.
13.6 Given that the Controller processes personal data automatically, the Data Subject has the right to obtain this data in a structured, commonly used format.
13.7 For the purposes of granting a license to use the Application, the User's consent to the processing of personal data is not required.
13.8 If the processing of certain personal data is based on the consent of the Data Subject, the Data Subject has the right to withdraw this consent at any time, in particular in writing by sending it to the contact address of the Controller (Article 3, paragraph 3.1, letter (a) above), by e-mail to planovac@app2us.cz, or via a data box. Withdrawal of consent does not affect the processing of personal data prior to withdrawal of consent.
13.9 If the Data Subject believes that there has been a violation of legal regulations in connection with the protection of their personal data, they have the right to lodge a complaint with the supervisory authority, which in the Czech Republic is the Office for Personal Data Protection, located at Pplk. Sochora 727/27, 170 00 Prague, https://www.uoou.cz. A list of the relevant supervisory authorities in the European Union is available at https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index.
14. SURVEYS AND REFERENCES
14.1 The controller may request information through surveys. Participation in these surveys is voluntary, and the user can decide whether to participate and provide the requested information. The requested information may include contact details (such as name, phone number, and email address). Contact details will be used to share results if the participant chooses to receive them. Information from the survey will be used for research, monitoring, or improving the user experience and satisfaction with the Application.
14.2 The Administrator may publish various texts, such as references, quotes, case studies, white papers, etc., on its website; such published texts may contain personal data. Before publication, the Administrator will obtain the User's consent to publish their name along with such text. If the User wishes to update or delete any text containing their personal data, they may contact the Administrator atadreseplanovac@app2us.cz .
15. FINAL PROVISIONS
15.1 The Administrator's website or the Application may contain links to partner websites, in particular experts in fields related to the purpose of the Application, as well as links from these websites to the Administrator's website www.app2us.cz or to the Application. If the User follows a link to any of these websites, they acknowledge that these websites have their own privacy policies and that the Administrator accepts no responsibility for these third-party policies. Before submitting any personal data to these third-party websites, the User should check their policies.
15.2 The Application is intended for adults – parents. Due to the fact that the Application was created to support parenting, the Administrator also collects and processes the personal data of children that their parents enter into the Application. By entering the child's personal data into the Application and continuing to use the Application, the User expresses their consent to the processing of their child's personal data in accordance with this Policy. In the case of a child over 12 years of age, the User further confirms that the child also consents to the processing of their personal data.
15.3 The Administrator is entitled to change, modify, or supplement this Privacy Policy at any time and for any reason. Any new version of this Privacy Policy replaces the previous version on the effective date of the new version. If the User is a registered user and the Controller has their email address, the User will be notified of any material changes to this Privacy Policy at that email address.
15.4 Any questions regarding this Privacy Policy or the Administrator's personal data protection practices may be addressed to the Administrator at support@app2us.app.
15.5 User data is not profiled, and the Administrator does not perform automated decision-making.
15.6 This Privacy Policy has been drawn up in Czech and English. In the event of any discrepancy between these versions, the Czech version shall be decisive and binding for the purposes of interpreting and applying these terms and conditions.
By installing the Application on your device and creating a user account in the Application, you confirm that you have read and understood the above information and that you agree to the processing of personal data, including data relating to your children (to the extent that you have entered your children's personal data into the Application), or, in the case of children over 12 years of age, that your children consent to the processing of their personal data, including its transfer to recipients for processing to the extent specified above.
Prague, June 18, 2025
ADMINISTRATOR CODE:
We respect the need for privacy, including, but not limited to, any personal data.
We always process personal data in accordance with this Privacy Policy and applicable laws, such as Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC ("General Regulation").
When using the Application and/or providing any personal data to the Administrator, you are responsible for ensuring that your actions comply with this Privacy Policy, and you guarantee that all personal data you provide to us about yourself, your children, or third parties is accurate and that you are authorized to provide us with such personal data.
We may use cookies and similar tracking technologies to track activity related to the www.app2us.app website or the Application. For more information, see below.
We take all reasonable steps to ensure that your data is treated securely and in accordance with this Privacy Policy and that no personal data is transferred to any organization or country that does not guarantee adequate procedures and controls to ensure the security of your personal data.
1. INTRODUCTORY INFORMATION
1.1 Joint controllers: Mgr. Michaela Radoušová, attorney and registered mediator with registered office at Voršilská 130/10, 110 00 Prague, ID No.: 66252989, and Mgr. Andrea Vyskočilová, attorney, registered mediator and registered family mediator, with registered office at Klidná 298/33, 160 00 Prague 6, ID No. 62564421 (jointly or separately hereinafter also referred to as the "Controller" or "Controllers") hereby provide information on the basic principles and rules of personal data protection in accordance with Regulation (EU) No. 2016/679 of the European Parliament and of the Council of 27 4, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter also referred to as the "General Regulation"), on the basis of which, as Controllers of personal data in connection with the conclusion of a contract for the provision of a license to use the app2us (hereinafter also referred to as the "Application"), in connection with the provision of a license authorizing the User to use the Application, and in connection with the operation of the website at www.app2us.cz, process the personal data of the Application user (hereinafter also referred to as the "User" or "Data Subject").
1.2 This information on the processing of personal data, including special categories of personal data (hereinafter also referred to as "Information"), serves to properly inform the User about the scope, purpose, and duration of the processing of personal data and to instruct the User about their rights in connection with the protection of such data.
2. WHO IS THE PERSONAL DATA CONTROLLER
2.1 The personal data controller is the Controller specified in Article 1 of this Information.
2.2 Mgr. Michaela Radoušová and Mgr. Andrea Vyskočilová have entered into an agreement on the regulation of the rights and obligations of joint controllers (hereinafter also referred to as the "Agreement"), in which they have defined their rights and obligations, including responsibility for issues related to the processing of personal data and sensitive personal data. In accordance with the Agreement, the contact person for the Data Subject is Mgr. Michaela Radoušová, who is also responsible for the fundamental rights of Data Subjects as defined further in this document. Mgr. Andrea Vyskočilová is responsible for updating records on the processing of personal data and for reporting security breaches. The controllers are jointly responsible for other obligations.
CONTROLLER'S CONTACT DETAILS
3.1 The controller provides the data subject with the following contact details:
(a) The controller can be contacted in writing at the following address: Voršilská 130/10, 110 00 Prague 1
(b) The controller can also be contacted via email at: support@app2us.app
(c) The controller can be contacted via data box: zwrgib5
(d) The controller can be contacted by telephone at: 00420 793 967 957
(e) The controller does not have a data protection officer.
4. PERSONAL DATA
4.1 What constitutes personal data. Personal data is any information relating to an identified or identifiable natural person (human being) on the basis of which a specific natural person can be directly or indirectly identified. Such a person is then referred to as a data subject.
Personal data includes, for example, name and surname, gender, age, date of birth, marital status, photograph, birth number, place of residence, telephone number, e-mail, location data, network identifier, account username, health insurance data, citizenship, height, weight, biometric data, etc.
4.2 Scope of personal data processing. Personal data is processed to the following extent:
(a) first name, last name, email address, User password
(b) information, data, documents, and contacts to the extent that the User enters them into the Application (typically gender, age, marital status, photograph, place of residence, address, email address, telephone number, date of birth, birth number (if applicable), marital status and family situation, contacts, documents, etc.)
(c) IP address and login metadata
The scope of personal data processing varies in each case depending on what data the User enters into the Application. Please note that the User is responsible for the legality of entering and the accuracy of third-party personal data entered into the Application.
4.3 Purpose and legal basis for processing personal data. In connection with the User's use of the Application, the Controller processes and stores personal data for the following purposes under the conditions and within the limits set by applicable law:
(a) contacting and identifying the User,
(b) securing the User account and data,
(c) registering and managing user accounts in the Application,
(d) providing the Application for use by the User in accordance with its purpose,
(e) monitoring the safe use of the Application and the website www.app2us.cz,
(f) keeping internal records of Users,
(g) keeping the Administrator's accounts,
(h) receiving payments (license fees) and keeping records required by law,
(i) informing the User about news in the Application,
(j) analytics,
(k) marketing purposes, including sending marketing and educational materials and providing other information that may be of interest to Users,
(l) fulfilling the Administrator's obligations under the license agreement with the User (Application usage agreement) and as required by law, and
(m) ensuring other activities and services related to the provision of a license to use the Application,
(n) protection of the legitimate interests of the Administrator,
(o) protection against misuse of the Application.
The Administrator may process personal data if necessary to fulfill legal obligations that apply to it under the provisions of Article 6(1)(c) of the General Regulation.
In some cases, the Controller may process personal data for the purpose of protecting the legitimate interests of the Controller pursuant to Article 6(1)(f) of the General Regulation.
5. SPECIAL CATEGORIES OF PERSONAL DATA
5.1 What belongs to the special category of personal data. Special categories of personal data include data on the racial origin of the data subject, data on his or her ethnic origin, data on political opinions, religious or philosophical beliefs or trade union membership, data on health (physical and mental), data on sexual life or sexual orientation, genetic data, biometric data, such as fingerprints, handwritten signatures, facial images, retinal images, etc.
5.2 Scope of processing of Clients' personal data belonging to a special category of personal data. Personal data belonging to a special category of personal data are processed to the extent that the User voluntarily enters them into the Application or in connection with the use of the Application (e.g., to log into a user account in the Application).
5.3 Purpose and legal basis for the processing of Users' personal data belonging to a special category of personal data. The Controller processes this personal data for the purpose of providing a service (use of the Application by the User) on the basis of the User's consent (i.e., voluntary entry).
6. PERSONAL DATA PROCESSING PERIOD
6.1 Personal data will be processed for the following period:
(a) login details and entered data for the duration of use of the Application (until the User cancels their account). In the event of cancellation of the User account, the personal data entered by the User into the Application will be deleted after a period of 30 days from the closure of the User account;
(b) data that the Administrator has a legal obligation to process will be processed for the period specified by the relevant legal regulations;
(c) The email address will be used by the Administrator for marketing mailings for the duration of use of the Application and for 2 years after termination of use, unless the User prohibits such mailings to the Administrator.
(d) the processing time for individual cookies is specified in the relevant cookie bar;
(e) The User's personal data used for the purposes of analytics and improvement of the Application will be processed for the necessary period (in the order of months), after which the data will be aggregated or deleted;
(f) Personal data necessary to protect the legitimate interests of the Controller will be processed for as long as necessary (for the duration of the Controller's legitimate interest).
6.2 The Controller may store data on the use of the Application and the website www.app2us.app for internal analysis purposes. Usage data is generally stored for a shorter period of time, except where such data is used to enhance security or improve the functionality of the Application, or where the Controller has a legal obligation to store such data for a longer period of time.
6.3 Personal data contained in records for accounting purposes will be retained for the period specified by the laws governing accounting. Personal data contained in tax documents will be retained for the period specified by the laws governing value added tax.
6.4 After the expiry of the above-mentioned periods, the electronic record will be deleted.
7. METHOD OF PERSONAL DATA PROCESSING
7.1 The personal data of the data subject is processed automatically by the Controller or its employees or cooperating entities.
7.2 The personal data of Users will also be processed to the extent necessary by personal data processors under the conditions of Article 28 of the General Regulation, in particular on the basis of the Controller's written authorization and on the basis of a contract concluded between the Controller and the processor. The personal data processors are IT service providers (Think Easy s.r.o., ID No. 058 24 541, with its registered office at Žitomírská 599/38, Prague 10 Vršovice, registered in the Commercial Register maintained by the Municipal Court in Prague under file no. C 271500), the Controller's accountants/tax advisors (Patricie Matoušová, with its registered office at Dolní Sloupnice 80, 56553 Sloupnice, ID No. 40680029, registered with the Chamber of Tax Advisors of the Czech Republic under No. 3438), lawyers representing the Administrator in the provision of legal services, marketing specialists (Ing. Marcela Střelcová, with registered office at Čeladná 411, 739 12 Čeladná, ID No. 73343501).
7.3 The Administrator may send personal data securely encrypted via https (hypertext transfer protocol secure) to the API (application programming interfaces) of the following third parties: Microsoft, Google, and Apple. These companies have joined the Data Privacy Framework program.
7.4 The User's personal data may be transferred (and stored) to a computer located outside the Czech Republic and under a jurisdiction other than Czech jurisdiction, where data protection laws may differ from those of the Czech Republic. However, these are always countries within the EU and, in the case of American tools, those that have joined the Data Privacy Framework program. The Controller stores all personal data for the purpose of fulfilling its legal obligations, for the purposes of legitimate interests, and for the fulfillment of the Controller's obligations towards the User, regardless of their location.
7.5 All data entered by the User into the Application will be stored in a database operated by Amazon Web Services on servers in the European Union. Data transfer between the Application and servers is carried out in Encryption in Transit mode, and data storage is carried out in Encryption at Rest mode .
8. SOURCES OF PERSONAL DATA
8.1 The Controller may only obtain data from the Data Subject.
9. INFORMATION ABOUT POSSIBLE RECIPIENTS AND THE INTENTION TO TRANSFER PERSONAL DATA
9.1 Personal data will only be transferred or made available in necessary cases, in particular for the purpose of fulfilling obligations arising from accounting and tax regulations, providing IT services, providing marketing specialist services, and providing maintenance services for the Application.
9.2 The Controller may provide the User's personal data to a third party, in particular in connection with:
(a) Business transactions
The Controller may provide the User's personal data to a third party that acquires the entire business of the Controller or its assets or a substantial part thereof. If the Controller does so, it will inform such third party of the requirement to process the User's personal data in accordance with this Privacy Policy.
(b) Law enforcement
In certain circumstances, the Controller may be required to disclose the User's personal data by law or in response to requests (summonses) from public authorities (e.g., courts).
(c) Legal requirements
The Controller may disclose personal data if it believes in good faith that such disclosure is necessary for the purpose of: (i) complying with a legal obligation, (ii) protecting and/or defending the rights or property of the Controller, (iii) preventing or investigating possible illegal activity in connection with the Application, (iv) protecting the safety of Users or the public.
9.3 The following entities – processors – may have access to personal data, in particular for the purposes of operation, security, maintenance, and marketing activities related to the Application:
(a) entities cooperating with the Administrator in the operation, maintenance, and administration of the Application, and the operation, maintenance, and administration of the app2us.cz website;
(b) hosting providers;
(c) the Controller's advertising partners; or
(d) partners providing services for the purpose of fulfilling the Administrator's obligations arising from the provision and operation of the Application, such as delivery and payment providers,
(e) entities cooperating with the Administrator in the area of marketing and promotion of the Application,
(f) the Administrator's tax and accounting advisors,
who will then act as personal data processors.
10. TRACKING, COOKIES, AND IP ADDRESSES
10.1 Cookies are computer files with a small amount of data that may contain an anonymous unique identifier. Cookies are sent to the User's browser from a website and stored on the User's device. Tracking technologies also use beacons, tags, and scripts to collect and track information and to improve and analyze the www.app2us.app website and the Application. Cookies allow the Administrator to recognize whether the User has re-entered the Administrator's website from the same device, record some of the User's stored parameters, and verify whether the User belongs to a specific category of users to whom certain communications should be targeted. The Administrator may use, for example, the following categories of cookies:
(a) technical cookies for the operation of the website and the Application;
(b) preference cookies to remember the User's preferences and various settings;
(c) security cookies for security purposes;
(d) analytical cookies;
(e) marketing cookies.
10.2 The Administrator may process technical and security cookies even without the User's consent – without these cookies, the Application and website would not be fully and securely functional.
10.3 The Administrator may process preference, analytical, and marketing cookies only with the User's consent.
10.4 Cookies for the purposes of personalizing advertisements and commercial communications, providing social media functions, and analyzing traffic are shared by the Administrator with its partners, operating mainly in the field of social media, advertising, and analysis.
10.5 The User may set their browser to prevent the use of cookies, with the exception of technical and security cookies or similar, or to indicate when a cookie is being sent.
10.6 When the User first visits the Administrator's website, the User will be asked whether they agree to the processing of cookies for preference, analytical, and marketing purposes.
10.7 With the User's consent, the Administrator may use Google Analytics and similar services that collect third-party cookies. Google Analytics is a web analytics service provided by Google that tracks and reports website traffic. In addition to Google Analytics, Google also uses Google Tag Manager, a tag management system created by Google to manage JavaScript and HTML tags used for tracking and analysis on websites. Information about the use of the website and the Application (including the User's IP address), generated by cookies, will be transferred and stored by Google on servers in the United States and other countries. Google will use this information for the purpose of evaluating the use of the website and the Application by the User, compiling reports on website activity for the Administrator, and providing other services relating to website and Application activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. For more information, please see Google's privacy policy at: https://policies.google.com/privacy.
10.8 Services and communications generated by the use of the Application and the www.app2us.app website, such as promotional emails, may also contain electronic images known as "web beacons" or "tracking pixels." Tracking pixels generally work in conjunction with cookies, and the Administrator is entitled to use them in the same way as cookies (see above).
10.9 Consent to the processing of cookies can be withdrawn at any time. For example, through the website www.app2us.app and by adjusting the cookie settings.
10.10 Specific cookies, their purpose, provider, and expiration date can be found in the cookie bar overview at www.app2us.cz.
11. DIRECT MARKETING
11.1 Section 7(3) of Act No. 480/2004 Coll., on Information Society Services, allows the Controller to use the User's electronic contacts (in particular their email address) for the purpose of sending commercial communications, unless the User excludes this.
11.2 The administrator may use the email address to communicate promotional messages for the duration of the User's use of the Application and for a further 2 years after its termination (deletion of the user account).
11.3 The User may unsubscribe from marketing communications by deactivating this function via the unsubscribe link provided in each email or other communication they receive, or by sending an email request to planovac@app2us.cz stating that they wish to unsubscribe from marketing communications.
12. SECURITY
12.1 The Controller stores all personal data securely. It has therefore implemented adequate physical, technical, and organizational measures and plans to protect and secure personal data (which, however, do not relieve the User of their responsibility to take appropriate steps to secure their data, especially when transferring it). The Controller's goal is to eliminate any unauthorized or illegal processing of personal data, as well as any accidental, unauthorized, or illegal access, use, transfer, processing, copying, alteration, loss, or damage to personal data.
12.2 If the user chooses a password that allows them to access the Application, they are responsible for maintaining the strength and confidentiality of that password.
12.3 The User acknowledges that the transmission of information over the Internet is never completely secure. Although the Administrator has made every effort to protect the User's personal data, it cannot guarantee the security of personal data transmitted by the User. Any such transmission is at the User's own risk. Once the Administrator receives personal data, it will use strict procedures and security measures to protect personal data and prevent unauthorized access.
12.4 To maintain the highest standard of personal data protection, all information provided by the User to the Administrator is stored on secure servers behind firewalls. The Administrator restricts access to personal data to employees, contractors, and cooperating entities who need access to personal data for the purpose of operating, developing, or improving the Application.
12.5 Certain parts of the Application use Secure Sockets Layer (SSL) or other types of encryption. The Controller backs up all User data in a data center located in the European Union, which allows for rapid recovery in the event of a disaster or other similar event, and whenever possible, the Controller ensures the pseudonymization or anonymization of all personal or related data (except for names and email addresses).
12.6 In the event that, despite the Administrator's best efforts, a personal data breach occurs that could compromise the User's rights, the Administrator shall, without undue delay and, if possible, within 72 hours of becoming aware of such a breach, the Administrator shall notify the supervisory authority and, if the User's personal data was part of the breach and none of the exceptions listed below apply, also the User. The Administrator shall provide the User with information about the nature of the breach, the measures implemented, and the likely consequences of such a breach.
13. INFORMATION ON THE RIGHTS OF DATA SUBJECTS
13.1 The data subject has the right to request the Controller to provide information about the processing of their personal data, the purpose and nature of the processing of personal data, and the recipients of personal data, as well as the right to request an explanation of why the data is being processed in a given manner; the information is provided free of charge, unless the request is disproportionate or unreasonable; in such a case, the Controller may refuse to provide the information.
13.2 The data subject has the right to have the Controller correct inaccurate personal data concerning him or her without undue delay. Taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by means of providing a supplementary statement.
13.3 The data subject has the right to have the Controller erase, without undue delay, personal data relating to the data subject that are not subject to archiving obligations, and the Controller has the obligation to erase personal data that are not subject to archiving obligations without undue delay if any of the reasons specified in the General Regulation apply. The deletion of the User's personal data may result in the Administrator's inability to fulfill its obligations under the license agreement, i.e., the actual impossibility of further use of the Application.
13.4 The data subject has the right to have the Controller restrict the processing of personal data in cases specified by the General Regulation.
13.5 The data subject has the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data.
13.6 Given that the Controller processes personal data automatically, the Data Subject has the right to obtain this data in a structured, commonly used format.
13.7 For the purposes of granting a license to use the Application, the User's consent to the processing of personal data is not required.
13.8 If the processing of certain personal data is based on the consent of the Data Subject, the Data Subject has the right to withdraw this consent at any time, in particular in writing by sending it to the contact address of the Controller (Article 3, paragraph 3.1, letter (a) above), by e-mail to planovac@app2us.cz, or via a data box. Withdrawal of consent does not affect the processing of personal data prior to withdrawal of consent.
13.9 If the Data Subject believes that there has been a violation of legal regulations in connection with the protection of their personal data, they have the right to lodge a complaint with the supervisory authority, which in the Czech Republic is the Office for Personal Data Protection, located at Pplk. Sochora 727/27, 170 00 Prague, https://www.uoou.cz. A list of the relevant supervisory authorities in the European Union is available at https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index.
14. SURVEYS AND REFERENCES
14.1 The controller may request information through surveys. Participation in these surveys is voluntary, and the user can decide whether to participate and provide the requested information. The requested information may include contact details (such as name, phone number, and email address). Contact details will be used to share results if the participant chooses to receive them. Information from the survey will be used for research, monitoring, or improving the user experience and satisfaction with the Application.
14.2 The Administrator may publish various texts, such as references, quotes, case studies, white papers, etc., on its website; such published texts may contain personal data. Before publication, the Administrator will obtain the User's consent to publish their name along with such text. If the User wishes to update or delete any text containing their personal data, they may contact the Administrator atadreseplanovac@app2us.cz .
15. FINAL PROVISIONS
15.1 The Administrator's website or the Application may contain links to partner websites, in particular experts in fields related to the purpose of the Application, as well as links from these websites to the Administrator's website www.app2us.cz or to the Application. If the User follows a link to any of these websites, they acknowledge that these websites have their own privacy policies and that the Administrator accepts no responsibility for these third-party policies. Before submitting any personal data to these third-party websites, the User should check their policies.
15.2 The Application is intended for adults – parents. Due to the fact that the Application was created to support parenting, the Administrator also collects and processes the personal data of children that their parents enter into the Application. By entering the child's personal data into the Application and continuing to use the Application, the User expresses their consent to the processing of their child's personal data in accordance with this Policy. In the case of a child over 12 years of age, the User further confirms that the child also consents to the processing of their personal data.
15.3 The Administrator is entitled to change, modify, or supplement this Privacy Policy at any time and for any reason. Any new version of this Privacy Policy replaces the previous version on the effective date of the new version. If the User is a registered user and the Controller has their email address, the User will be notified of any material changes to this Privacy Policy at that email address.
15.4 Any questions regarding this Privacy Policy or the Administrator's personal data protection practices may be addressed to the Administrator at support@app2us.app.
15.5 User data is not profiled, and the Administrator does not perform automated decision-making.
15.6 This Privacy Policy has been drawn up in Czech and English. In the event of any discrepancy between these versions, the Czech version shall be decisive and binding for the purposes of interpreting and applying these terms and conditions.
By installing the Application on your device and creating a user account in the Application, you confirm that you have read and understood the above information and that you agree to the processing of personal data, including data relating to your children (to the extent that you have entered your children's personal data into the Application), or, in the case of children over 12 years of age, that your children consent to the processing of their personal data, including its transfer to recipients for processing to the extent specified above.
Prague, June 18, 2025