The Petr Macek & Co. s.r.o. organization, ID: 04075081 (hereinafter Petr Macek & Co.), which develops and operates the Caflou website and application, declares that all personal data of users and visitors are considered confidential and this data is handled in accordance with Act no. 101/2000 Coll.

Caflou is fully prepared for GDPR. More information is here: https://www.caflou.com/gdpr 

We do not provide any personal data of our users to third parties. No personal data are used or will be used for marketing purposes.

Where are personal data saved?

All data (including user and account data in the Caflou application) and users’ personal data are stored centrally in safe repositories that are located in the European Union or the USA. Data do not in any way leave the European Union or the USA and are not kept anywhere outside the European Union or USA. 

We have valid agreements with all partners. These are prominent and reliable partners that are registered in the Czech Republic, EU, or USA. All listed partners are also participating the Privacy Shield project.

    • Technology: Amazon Web Services
    • Supplier: Amazon Web Services, Inc.
    • Location of data: EU
    • Contact: 410 Terry Ave North, Seattle , WA 98109-5210 , USA
    • Purpose: Application databases, back-up
    • Technology: DigitalOcean
    • Supplier: DigitalOcean
    • Location of data: EU
    • Contact: 101 Avenue of the Americas, 10th Floor, New York, NY 10013, USA
    • Purpose: Application server, back-up
    • Technology: Mailgun
    • Supplier: Mailgun Technologies
    • Location of data: USA
    • Contact: 535 Mission St., 14th Floor San Francisco, CA 94105, USA
    • Purpose: Sending system e-mails
    • Technology: Intercom
    • Supplier: Intercom, Inc.
    • Location of data: USA
    • Contact: 55 2nd St., 4th Fl., San Francisco, CA 94105, USA
    • Purpose: Communication with application users

More information on security can be found here: https://www.caflou.com/security/

What personal data do we collect?

Petr Macek & Co. reserves the right but is not obliged to collect the following data. All data below are considered to be confidential and are subject to these terms and conditions of the protection of personal data.

  1. User data
    • E-mail of the user – during registration (mandatory and necessary for use of the account, signing in to the application), an e-mail is not necessary if the user registers via his/her Facebook profile or a Google account
    • Name and surname of the user – voluntary; the system does not request data (the system uses data to personalize the account and communication) 
  2. Account data (this concerns invoicing data that we use only for invoicing for using of the service/application (in the event of voluntary upgrade to a paid package); it is personal information in the case of a physical person)
    • Company name or personal name – mandatory only for paid accounts
    • Address – mandatory only for paid accounts
    • ID and VAT ID no. – not mandatory
    • Invoicing e-mail – mandatory only for paid accounts
  3. Petr Macek & Co. uses third party payment gateways for certain types of payments (e.g. payment by credit card). If the user uses payment by credit card, via PayPal, or another payment method, the numbers of credit cards or other sensitive payment information are in all cases processed by the payment gateway of the third party. Petr Macek & Co. does not save credit card numbers or any other sensitive payment information and has no access to them.
  4. Personal data of visitors: Visitors to the caflou.com website may enter their personal data into the live chat either directly in the conversation or can be requested to fill in data before the conversation begins.
  5. Technical data: Certain technical data on users and visitors such as IP address, type of internet browser, type of operating system, approximate location, etc., may be automatically obtained and collected by Petr Macek & Co. This inormation is not used for identification of any person.

Caflou application users can store data in the application including personal data (and the personal data of third party entities). The Client (user/owner of the account in the Caflou application) continues to be the administrator. The Client is not freed of the responsibility for the processing of personal data by using the Caflou application.

How are personal data secured?

Petr Macek & Co. protect personal data of users via modern industry standards. Security of data and information stored on user accounts is described in detail on the Security page or at https://www.caflou.com/security 

  • Our employees are aware of the necessity to secure data and are trained in data protection; we require two-phase authentication to access all our systems
  • We protect all data with strong security and these data are stored in safe repositories; we exclusively use an HTTPS encoded connection
  • For user access to the application, strong passwords are required, which are encoded and may not be retrieved; voluntary two-phase authentication is available 
  • You will find three levels of security in the application: 
    1. User log-in
    2. User authorization for the account
    3. User rights in the account and in objects

Editing of or access to personal data on the part of the user is always allowed only after logging in to the account of Caflou’s Service at app.caflou.com.

How do we use cookies?

While using Caflou’s services and products, temporary files called “cookies” may be saved which may contain data on the visitor. While processing cookies, the personal data of the visitor may be linked to information contained in the cookie. These data are used exclusively for purposes of improving Caflou’s service. Petr Macek & Co. respects the privacy of its users and adheres to relevant laws while processing cookies.

The visitor may prevent cookies from being saved by opening the Caflou website in an anonymous mode. Anonymous modes are supported by all modern internet browsers and no cookies are collected in this mode. While using an anonymous mode in the browser, the full functionality of Caflou’s products and services may not be ensured and using these products and services in such a way may lead to non-standard behavior.

How can personal data be edited or deleted?

After logging in to their account at https://app.caflou.com, the user can edit or delete any data, delete his/her profile, or delete his/her account.

At the user’s request, we can:

  • Delete the user’s personal data (deleting the profile, account)
  • Hand over personal data to the user 
  • Inform the user on how we use personal data
  • Correct the user’s personal data 
  • Stop using data for direct contact
  • Stop processing/using the user’s personal data
  • Stop using messages based on “profiling” and use of the application

Requests can be sent to support@caflou.com; we may request authentication of identity based on information available to us. 

The process of complete deletion of a Caflou profile and/or account is irreversible and is carried out only at the request of the user. The user may be requested by Petr Macek & Co. to authenticate ownership of the profile and/or account according to the data entered during registration.

If a visitor to the caflou.com website wants to delete specific personal data concerning their person, they can send a request to support@caflou.com. The visitor may be called upon to prove their identity to authenticate that the personal data do in fact relate to their person.

General Terms and Conditions

Use of Caflou’s Service conforms to the General Terms and Conditions that can be found at https://www.caflou.com/terms-and-conditions.

Final Provisions

Petr Macek & Co. reserves the right to edit this document on the protection of personal data and general terms and conditions without prior notice. Users and visitors can always find the current version of the general terms and conditions and updated information on the protection of personal data at https://www.caflou.com.

Last update: 18. 5. 2018.