Woman looking up

Privacy Policy

Lidya (“Lidya” or “We“) is serious about protecting the privacy of your personal information. We have put strict policies into place to ensure that the privacy of your personal information is protected in accordance with the Regulation (EU) 2016/679 and associated Czech laws (collectively the “GDPR”) while still enabling you to make use of the website (the “Site“) or the services provided by Lidya (the “Services“). We use information collected about you through the use of the Services or on the Site solely for the purposes set out in this policy. The terms of this policy may be updated from time to time, so please check our website or this page occasionally for updates. The terms of this policy are also incorporated into the Lidya Terms of Use and Registration Terms.

What information do we collect?

We collect information from you when you register for our service. This information includes, but is not limited to, your name, e-mail address, mailing address, phone number, your Company Registration Number (ICO), VAT Registration Number (DIC) and your bank account information. We also collect information regarding our transactions and experiences with you, including your invoice history. We may also collect information from third parties websites or applications as specified in this policy below.

What do we do with the information we collect?

Any of the information we collect from you may be used only in one of the following manners and for the purposes mentioned below:

  • To compile, save, use and analyze your information in both a personally-identifiable form and an aggregated, non-personally identifiable form;

  • To operate, maintain, improve and provide to you our Services, conducting our business and processing transactions in performing our mutual agreement(s);

  • To verify your identity;

  • To register you as a user and identify you when you sign in to your account;

  • To conduct background checks and determine your eligibility for funding;

  • To personalize your experience and improve customer service (your information helps us to better respond to your individual needs, your service requests and send account update notifications;

  • To send you marketing communications related to the same or similar products or services as those which you have purchased from us; we can send you other marketing notifications only based on your specific consent; and

  • To develop and improve our website (we continually strive to improve our website offerings based on the information and feedback we receive from you).

We will share your Personal Information with third parties only in the ways that are described in the policy.

Legal grounds for processing

We process above mentioned information on the following legal grounds:

  • Processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract;

  • Processing is necessary for the purposes of the legitimate interests pursued by us;

  • Your consent to the processing of your data for general marketing purposes (if applicable).

Security or how do we protect your information?

We take security very seriously and have developed a comprehensive set of practices, technologies and policies to help ensure your data is secure. We make it a priority to take our users’ security and privacy concerns seriously. We use some of the most advanced technology for Internet security that is commercially available today.

We implement a variety of security measures to maintain the safety of your personal information when using the Site, enter, submit, or access your personal information. We offer the use of a secure server. All of our communications and processing occur through Secure Socket Layers (SSL) technology, using SSL encryption to ensure the security of all information and then save into our secure database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential.

To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the information we collect online. We also use the services of leading companies to process all financial transactions.

While we strive to protect your personal information, Lidya cannot ensure or warrant the security of any data or content you transmit to us, and you do so at your own risk. In the event of a breach of the confidentiality or security of your information, we will notify you (as well as the Czech Office for the Personal Data Protection to the extent necessary according to the GDPR) within a prescribed time frame so you can take appropriate protective steps and to inform you of the steps that Lidya is taking with respect to such breach.

Do we use cookies?

Our website uses cookies – small text files that are stored in your internet browser or device by web servers when you visit some websites. Cookies are used to distinguish you from other users of our website and to store data about how our Site is used (e.g. the number of site visitors, time you spent visiting the Site or what content interests you).

This information is anonymous (e.g. we collect information regarding the type of browser you are using or the name of your internet provider's domain) and is used to improve our services and ensure the correct operation of our website. We do not identify any individual Site visitors, unless they provide their contact details using the form(s) available on the Site.

Types of cookies used

Based on the purpose of the cookie:

  1. strictly necessary cookies are cookies that are required to ensure the correct operation of our Site. They include, for example, cookies that enable you to log into secure areas of our Site, use a shopping cart or make use of e-billing services; and

  2. analytical/performance cookies are cookies that allow us to recognize and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our Site works, for example, by ensuring that users find what they are looking for easily.

Based on the owner of the cookie:

  1. first-party cookies are stored by the website you are browsing; and

  2. third-party cookies are cookies placed on your device by a website other than the website you are currently browsing.

Based on the lifespan of the cookie:

  1. persistent cookies are stored on your device or internet browser for a previously defined time. They are activated each time you visit the website which generated the respective cookie; and

  2. session cookies allow website operators to link the actions of a user during a browser session. They are generated when you access the internet browser and are deleted when you close the internet browser.

Additional information regarding cookies

Third-party websites

  1. Our Site contains links to other websites administered by third parties.

Visitors should acquaint themselves with the privacy policy of such websites and should be aware that we have no responsibility or liability for the manner in which third parties process personal data.

Cookie blocking

When accessing our Site, cookies are downloaded to your web browser and stored in your device.

You can change your browser's cookie settings to allow or block cookies from being stored on your device. If you decide to block cookies, you probably may not be able to fully use all functions of our Site.

The manner in which you can disable your cookies is different for each browser. Specific instructions are provided under your browser's 'Help Menu'. More detailed information about cookie administration by the most commonly used web browsers is available here:

  1. Internet Explorer: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies

  2. Firefox: https://support.mozilla.org/en-US/kb/delete-cookies-remove-info-websites-stored

  3. Chrome: https://support.google.com/chrome/answer/95647?hl=en-GB&co=GENIE.Platform

  4. Opera: https://blogs.opera.com/news/2015/08/how-to-manage-cookies-in-opera/

  5. Safari: https://support.apple.com/kb/PH5042?locale=cs_CZ

  6. Safari for iPad and iPhone: https://support.apple.com/en-gb/HT201265

  7. More information about cookies (including the administration and deletion of cookies) is available at: www.allaboutcookies.org.

Do we disclose any information to outside parties?

We will provide your information to our trusted business partners who assist us in operating the Site, conducting our business and servicing you, so long as those parties agree to keep this information confidential and comply with all other requirements included in the GDPR. We have concluded appropriate data processing agreements with all such suppliers.

We may also disclose your information:

  • As required by law, such as to comply with a subpoena, judicial or administrative order and/or any similar legal process;

  • When we believe in good faith that disclosure is necessary to (i) protect our rights or the rights of third parties (ii) to protect our property and safety or the property and safety of others, or (iii) investigate fraud or respond to a request from a governmental entity;

  • If Lidya is involved in a merger, acquisition, transfer, auction (including in a bankruptcy proceeding) or sale of all or substantially all of its assets or equity, in connection with such a transaction;

  • Non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

  • To collection agencies, credit bureaus and fraud prevention agencies for the sole purposes of verifying your eligibility for receiving our products or services and/or for performing our contract with you;

  • To any other third party with your prior consent to do so.

Using Third Party Services and Data Retention

You allow us to receive information when you use the Services to log in to a third-party website or application (e.g. Facebook, Twitter or LinkedIn) (the “Third Parties Platform“). Please note that we retain the information we receive from your personal profile on the Third Parties Platform while you are logged-in to the Services and even after you have logged-out from the Services if such retention is reasonably necessary to enforce this policy and our Terms of Use, in our sole discretion.

Your rights

Under the GDPR, you have the following rights:

Right of access

Right of access means that you have the right to obtain from us confirmation as to whether, if any of your personal data is being processed, and, where that is the case, to access personal data and supplementary information regarding data processing.

Right to rectification

Right to rectification means that you have the right to have your personal data corrected if they are inaccurate or incomplete.

Right to erasure

Right to erasure (also known as the 'right to be forgotten') means that you have the right to request the erasure of your personal data processed by us; we have the obligation to erase such personal data when at least one of the following conditions is met:

  1. your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

  2. you withdraw consent on which the data processing is based and where there is no other legal ground on our part for the processing of your personal data;

  3. you have objected to the processing of your personal data based on our legitimate interests or necessary to perform a task carried out in the public interest or in the exercise of official authority vested in us, and there are no overriding grounds on our part for the processing of your personal data;

  4. you have objected to the processing of your personal data for direct marketing purposes;

  5. your personal data have been unlawfully processed;

  6. your personal data have to be erased in order to comply with our legal obligation;

  7. your personal data have been collected in relation to an offer of information society services.

You are not entitled to exercise the right to erasure to the extent that the processing of personal data is necessary:

  1. for the establishment, exercise or defence of legal claims;

  2. for exercising the right of freedom and information;

  3. for compliance with a legal obligation arising from applicable law, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in us;

  4. for reasons of public interest in the area of public health;

  5. for archiving purposes in the public interest, scientific or historical research or statistical purposes in so far as the right to erasure is likely to render impossible or seriously impair the achievement of the objectives of that data processing.

Right to restriction of processing

Right to restriction of processing means that you have the right to restrict us in processing of your personal data, where and insofar as:

  1. you have contested the accuracy of your personal data processed by us, for a period enabling us to verify the accuracy of your personal data;

  2. the processing of your personal data is unlawful, and you oppose the erasure of your personal data and request the restriction of their use instead;

  3. we no longer need the personal data for the purpose of processing, but they are required by you for the establishment, exercise or defence of your legal claims; or

  4. you have objected to the processing of your personal data that is based on our legitimate interests or that is necessary to perform a task carried out in the public interest or in the exercise of official authority vested in us, pending the verification whether our legitimate grounds override those of you.

Where the data processing has been restricted under any of the grounds given above, the personal data concerned may – with the exception of storage – only be processed subject to your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State of the EU.

We are obliged to notify you before the restriction of your personal data processing is cancelled.

Right to data portability

The right to data portability means that you have the right to receive your personal data provided to us in a structured, commonly used and machine-readable format and the right to transmit those data to another controller, where:

  1. the processing of your personal data is based on a consent or contract; and

  2. the processing of your personal data is carried out by automated means.

In exercising your right to data portability you have the right to have your personal data transmitted directly to another controller where technically feasible. The right to data portability does not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority.

Right to object

The right to object means that you have the right to object to the processing of your personal data, including profiling. If you decide to exercise the right to object, we will no longer process your personal data, unless we demonstrate compelling legitimate grounds for the data processing which override your rights and interests or where it is necessary for the establishment, exercise or defence of legal claims. If you object to processing for direct marketing purposes, our legitimate grounds will no longer be examined.

Right to withdraw consent

Where the processing of personal data is based on your consent, you have the right to withdraw your consent at any time.

Right to lodge a complaint

You can assert your rights using our data subject's request form, if available. We may refuse your request. Where permitted by applicable laws, we may charge a fee to comply with your request.

In the event that you believe that our processing of your personal data is in violation of applicable legislation, you have the right to lodge a complaint with the competent supervisory authority. In the Czech Republic, the supervisory authority is the Office for Personal Data Protection.

Additional information

If you have any queries regarding our Privacy Policy, please contact us at dpo@lidya.info.

Compliance with Governing Law

You agree that this policy is governed by the laws of the Czech Republic excluding the choice of law provisions thereof.

Your Confirmation of review and acceptance of this Privacy Policy

By using the Site, you confirm that you have reviewed and accepted our Privacy Policy.

Changes to our Privacy Policy

If we decide to change our policy, we will post those changes on this page and notify you electronically, and in such event your continued use of the Site, shall constitute your acceptance of such updated policy.

This Privacy Policy is effective as of December 1st, 2019.