Privacy Policy

Privacy Policy
SCHAGERER Legal, advokátní kancelář s.r.o.

This document sets forth the principles governing the processing of personal data by SCHAGERER Legal, advokátní kancelář s.r.o., in accordance with applicable legislation, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the “GDPR”) and Act No. 110/2019 Coll., on the processing of personal data, as amended.

Identification of the Data Controller

Company: SCHAGERER Legal, advokátní kancelář s.r.o.
Company ID: 140 74 354
Headquarters: Plzeňská 276/298, Motol, 150 00 Praha 5
E-mail: info@akschagerer.cz
Phone: +420 605 839 977

(hereinafter referred to as the “controller” or “law firm”)

The controller is responsible for ensuring that personal data is processed lawfully, solely for predefined purposes, and that it is adequately protected against misuse, loss, or unauthorized access.

Scope and Purpose of Personal Data Processing

In the course of the law firm’s activities, the following categories of personal data may be processed:

  • Identification data: first name, last name, title, date of birth, personal identification number, company ID number, tax ID number, identification document numbers, health insurance information
  • Contact information: email address, phone number (optional), address, bank account information
  • Data regarding employment and the selection process for positions at the law firm, including related communications
  • Data obtained in connection with the provision of legal services, including related communications
  • Data regarding health status
  • Other data obtained based on your consent

The controller processes personal data primarily to handle your requests submitted via the contact forms located on the microsites and on the website www.akschareger.cz, particularly in connection with your interest in the legal services provided by the controller. 

Personal data may also be processed, in particular, for the following purposes:

  • Conclusion and performance of a contract for the provision of legal services
  • Compliance with legal obligations applicable to the controller
  • Exercise, establishment, or defense of the controller’s rights and legal claims
  • Exercise, establishment, or defense of the rights and legal claims of third parties, in particular the controller’s clients
  • Conducting and evaluating recruitment processes organized by the controller
  • Ensuring the operation and security of the website www.akschagerer.cz, including the processing of data obtained through cookies and similar technologies
  • Sending newsletters, professional information, invitations to events, and other commercial communications regarding the controller’s activities and services, provided that the conditions set forth by law for such processing are met
  • Ensuring the controller’s internal operational, administrative, and organizational matters
  • Entering into and fulfilling other contractual relationships with the controller
  • Other specific purposes for which you have granted the controller consent to process your personal data

Legal basis for processing

The controller processes personal data in accordance with the requirements of the GDPR and applicable national legislation. We process personal data both manually and automatically, and always only to the extent necessary. All operations involving personal data are carried out exclusively in the following cases:

  • You have given your consent to the processing of your personal data
  • To provide legal services
  • To perform the contract we have entered into with you
  • To take steps at your request prior to entering into a contract
  • For the performance of a task carried out in the public interest or in the exercise of official authority
  • If required by the laws of the Czech Republic or directly applicable EU regulations
  • If it is necessary to protect your vital interests or those of another natural person
  • If it is necessary to protect our legitimate interests or the legitimate interests of third parties (in particular our clients), but only provided that this does not conflict with your interests or your fundamental rights

Recipients of personal data

The controller may disclose data subjects’ personal data to third parties to the extent necessary, always in accordance with the GDPR and other applicable laws. Personal data is disclosed only when necessary to achieve the specified purpose, and always on the basis of an appropriate legal basis. Personal data may be disclosed in particular to the following categories of recipients:

  • IT, cloud, and server service providers
  • Accounting, tax, and consulting service providers
  • Payment service providers and banking institutions
  • Auditors, notaries, or public authorities
  • Translators
  • Other recipients, but only as needed and as directed by the client

The controller maintains an up-to-date list of categories of recipients of personal data. The data subject has the right to obtain further information about the recipients to whom their data has been disclosed, upon request pursuant to Article 15 of the GDPR. In the event that personal data is transferred to a recipient established outside the EU, protection will be ensured through standard contractual clauses.

Retention period for personal data

The controller retains personal data only for as long as is strictly necessary to fulfill the purpose of its processing. Specifically, this includes the period during which we provide our services to you, followed by a period of 10 years after the termination of our contractual relationship (or, in justified cases, for a longer period), or for the period specified.

Data Protection

The controller securely stores personal data to prevent unauthorized access, alteration, disclosure, or other misuse. All employees with access to personal data are bound by a duty of confidentiality. The controller is required to notify you in the event of a breach of the security of your personal data that would result in a high risk to your rights and freedoms.

Your rights under the GDPR

Under applicable law, you have extensive rights regarding the processing of your personal data, as set forth in particular in Articles 15 through 22 and 77 of the GDPR. The controller respects these rights and ensures that they can be exercised. In individual cases, the exercise of these rights may be limited by the law firm’s duty of confidentiality, as well as by the need to fulfill other legal obligations related to the provision of legal services.

Right of access to personal data: You have the right to obtain information about whether the controller is processing your personal data, and if so, you have the right to access such data, as well as the right to further information related to its processing

Right to rectification: If your personal data is inaccurate or incomplete, you have the right to request that it be corrected or supplemented without undue delay

Right to erasure: You have the right to request that the controller erase your personal data if any of the following situations arise:

  • The data is no longer necessary for the purposes for which it was collected
  • You have withdrawn your consent and there is no other legal basis for processing
  • You have objected to the processing and the controller’s legitimate grounds do not override your interests
  • The processing of the data was unlawful
  • Erasure is required to comply with a legal obligation

However, the right to erasure does not apply if the processing is necessary: 

  • to exercise the right to freedom of expression and the right to information
  • to comply with our legal obligation
  • for reasons of public interest in the area of public health
  • for archiving purposes in the public interest, for scientific or historical research purposes, or for statistical purposes, where erasure is likely to render impossible or seriously impair the achievement of the purposes of such processing
  • for the establishment, exercise, or defense of legal claims.

Right to restrict processing: You have the right to request that we restrict the processing of your personal data if: 

  • You contest the accuracy of your personal data – we will restrict processing for the time necessary to verify the accuracy of your personal data
  • The processing is unlawful, and instead of erasure, you request that the use of your personal data be restricted
  • We no longer need your personal data, but you require it for the establishment, exercise, or defense of legal claims
  • You have objected to the processing – we will restrict processing until it is verified whether our legitimate grounds override your legitimate grounds.

Right to data portability: If the processing is carried out by automated means and is based on consent or a contract, you have the right to request that this data be provided to you in a commonly used and machine-readable format, or that it be transferred to another controller.

Right to withdraw consent: You have the right to withdraw your consent to the processing of personal data at any time, without any adverse consequences. The right to withdraw consent does not apply to personal data processed on the basis of other grounds.

Right to object: You have the right to object to the processing of your personal data at any time. We will cease processing your personal data unless we demonstrate compelling legitimate grounds for the processing that override your rights and interests. In the event of an objection to the processing of data for direct marketing purposes, we will cease processing your data without further notice.

Right to lodge a complaint: If you believe that your personal data is being processed in violation of applicable laws, you have the right to lodge a complaint with the supervisory authority. This authority is the Office for Personal Data Protection.

Cookies

In accordance with applicable laws, this website stores small text files, commonly known as cookies, on your device. These allow the website to record information about your visit, such as your preferred language and other settings.

Changes to the Privacy Policy

The Data Controller reserves the right to update this Privacy Policy from time to time, particularly in response to changes in legislation or the decision-making practices of supervisory authorities. Any updates to the Policy will be posted on the law firm’s website and will include the effective date.

Last update: 08.06.2026