Privacy & GDPR.
We take care of personal data the way we'd want ours handled. This page explains, in plain English, what we collect, why we collect it, and the rights you have under the EU General Data Protection Regulation (GDPR).
Data controller
The data controller is Persuara s.r.o., Opletalova 1417/25, 110 00 Prague, Czech Republic.
Company ID (IČO): 21899045 · VAT ID (DIČ): CZ21899045.
For any privacy question, contact us at decide@persuara.com.
What data we collect
Visiting this website does not require an account. We collect only the minimum needed:
- Technical data — IP address, browser type, device type, referring URL, time of visit. Collected automatically by our hosting provider for security and basic diagnostics.
- Cookies and similar storage — a small identifier in your browser that remembers your cookie preference and, if you consent, lets us measure aggregate traffic.
- Contact data you give us — name, email, company, and anything you share via the booking flow or by emailing us directly.
Why we process it
- Legitimate interest — running and securing the website, responding to enquiries, and improving how we present our work.
- Consent — for any non-essential cookies or tracking. You can withdraw consent at any time by clearing the consent in your browser or contacting us.
- Contract performance — when you become a client, to deliver the work we agreed on.
- Legal obligation — accounting, tax, and other statutory record-keeping.
Cookies and similar technologies
We use the smallest possible set of cookies. Two categories:
- Essential — required for the site to function (e.g. remembering your cookie choice). No consent needed under § 89 of the Czech Electronic Communications Act.
- Analytics — Google Analytics 4, loaded only if you click Accept in the cookie banner. Helps us understand how the site is used, in aggregate, without identifying you.
The specific cookies this site sets:
| Name | Purpose | Retention |
|---|---|---|
| tomas-patak-cookie-consent | Stores your cookie banner choice (essential) | 12 months |
| _ga, _ga_* | Google Analytics — site analytics (consent only) | 24 months |
| _gid | Google Analytics — same-day visitor ID (consent only) | 24 hours |
You can withdraw consent at any time by clearing site data in your browser (the banner will reappear) or by contacting us at decide@persuara.com.
Who we share data with
We work with a small number of trusted processors under contract:
- Hosting — Netlify, Inc. (USA), which serves this website and collects basic server logs for security and diagnostics.
- Scheduling — HubSpot, when you book a call through our calendar link.
- Analytics — Google Analytics, only if you accept analytics cookies.
We do not sell personal data.
International transfers
Some processors operate outside the EU/EEA. Transfers are protected by Standard Contractual Clauses or equivalent safeguards as required by GDPR.
How long we keep data
- Cookies — up to 12 months from your last visit.
- Email and enquiry data — kept for as long as needed to respond and, if a project follows, for the duration of the engagement plus statutory retention.
- Accounting records — kept for the period required by Czech law (typically 10 years for invoices).
Your rights
Under GDPR you have the right to:
- access the personal data we hold about you,
- have inaccurate data corrected,
- request erasure ("right to be forgotten"),
- restrict or object to processing,
- receive your data in a portable format,
- withdraw consent at any time, and
- lodge a complaint with the Czech supervisory authority — Úřad pro ochranu osobních údajů.
To exercise any of these, email decide@persuara.com — we will reply within 30 days.
Security of personal data
We apply industry-standard technical and organisational measures to protect personal data from unauthorised access, loss, destruction or disclosure. In particular:
- all communication between browser and site runs over encrypted transit (HTTPS / TLS 1.3),
- access to systems storing personal data is protected by strong passwords and multi-factor authentication,
- we apply the principle of least-privilege access,
- we regularly audit security of our systems and processes,
- our processors are contractually bound to equivalent protection under Article 28 GDPR.
Automated decision-making and profiling
When processing your personal data, we do not engage in automated decision-making or profiling within the meaning of Article 22 GDPR that would produce legal effects concerning you or similarly significantly affect you.
Changes to this notice
We may update these privacy policies from time to time — for example if we change how we process data, add new processors, or if the legal framework changes. The current version is always available on this page and the effective date is shown in the header.
For material changes we will notify you in advance via this website or by email if we have your contact.
Have a privacy question or want to exercise any of your rights? Email us at decide@persuara.com and we'll reply within 30 days.