1. Data Controller

1.1. The data controller is MOTTIFY s.r.o., Company ID No.: 03818144, with its registered office at Příčná 1892/4, Nové Město, 110 00 Prague, Czech Republic (hereinafter referred to as the “Controller”).

The Controller declares that all personal data processed are treated as strictly confidential and handled in accordance with applicable national legislation and European Union regulations governing personal data protection.

1.2. The Controller processes personal data in accordance with Act No. 110/2019 Coll., on Personal Data Processing, and Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR).

1.3. Personal data are also collected via the Controller’s website:
https://mottify.cz/ (the “Website”).

1.4. This Privacy Policy is issued to inform you about what personal data are processed, for what purposes, for how long, who may access them, and what rights you have.

This policy applies to all personal data processed by the Controller, regardless of whether they are processed on the basis of a contract, legal obligation, legitimate interest, or consent.


2. Processed Personal Data

2.1. The Controller processes personal data provided by the data subject to the extent necessary for the purposes described below.

2.2. Personal data are processed for the following purposes:

  • Performance of contracts and services – provision and execution of ordered services
  • Marketing communications – sending information about products and services
  • Accounting and tax purposes – compliance with legal accounting obligations
  • Human resources administration – payroll and employment-related processing
  • Statistics and analytics – improving website functionality and user experience
  • Legitimate interests and security – protection of rights and fraud prevention
  • Legal obligations – compliance with requests from public authorities
  • Consent-based processing – cookies, analytics, and marketing personalization

2.2.1. Performance of a contractual relationship means any relationship arising from an order, registration, agreement, or similar engagement.

2.2.2. Marketing communication means sending offers via email, SMS, or telephone calls.

2.2.3. Accounting and tax purposes refer to maintaining accounting records in accordance with applicable legislation.

2.2.4. HR and payroll processing includes employment contracts, salary processing, and statutory social and health insurance contributions.

2.2.5. Statistical purposes include anonymized tracking of website traffic, page views, time spent, and device type, used to improve services and content relevance.

2.2.6. Advertising means displaying tailored advertisements based on user preferences.

2.2.7. Legitimate interest includes:

  • legal defense in case of disputes
  • service improvement and development
  • fraud prevention
  • direct marketing to existing clients
  • internal administrative purposes within corporate structures
  • network and information security

The retention period in such cases may extend up to 4 years after the expiration of warranty periods, or longer if a legal dispute is ongoing.

2.2.8. Legal obligations include providing data to law enforcement or other public authorities when required.

2.3. Personal data are processed only for the period necessary to fulfill contractual and legal obligations, or for the duration of consent. Retention periods are determined by the purpose of processing and applicable legal requirements.

2.4. Personal data may be processed both manually and automatically, including for analytical and statistical purposes.


3. Processing Based on Consent

3.1. Where processing is based on your consent, it is primarily for:

3.1.1. The use of cookies for marketing and analytics purposes, including:

  • advertising targeting
  • remarketing
  • measuring campaign effectiveness via third-party tools

4. Data Subject Rights

4.1. As a data subject, you have the following rights:

4.1.1. Right of access – to obtain confirmation whether your personal data are processed and access to such data (Article 15 GDPR)

4.1.2. Right to rectification or erasure – to correct inaccurate data or request deletion if no longer necessary or unlawfully processed

4.1.3. Right to restriction of processing – to limit how your data are processed

4.1.4. Right to explanation – if you suspect unlawful processing

4.1.5. Right to lodge a complaint with the relevant supervisory authority (e.g., Czech Data Protection Authority)

4.1.6. Right to data portability – to receive your data in a structured, commonly used, machine-readable format (Article 20 GDPR)

4.1.7. Right to object – to processing based on legitimate interests or public interest

4.1.8. Right to withdraw consent – at any time, without affecting the lawfulness of prior processing


5. Transfers to Third Countries

5.1. Personal data may be transferred outside the European Economic Area, particularly when using third-party services (e.g., Google, Meta, Twitter).

Such transfers are carried out in compliance with applicable legal requirements, including the use of Standard Contractual Clauses or other appropriate safeguards.


6. Contact Information

6.1. For any questions regarding personal data protection or to exercise your rights, you may contact the Controller at: