PRIVACY POLICY

We understand that our visitors, users and anyone who navigates our website (collectively, “Users”) value their privacy. This document contains important information regarding the principles we follow when processing personal data.

All processing of personal data is always carried out in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”).

Please note: In the event of any discrepancies between the Czech and foreign language versions of this Privacy Policy, the Czech version will take precedence. Individual language versions of this Policy are available at: https://www.avantfunds.cz/en/gdpr/, https://www.avantfunds.cz/ru/gdpr/.

BASIC INFORMATION

Provider´s identification and contact information:

name
AVANT investiční společnost, a.s.
ID number
27590241
registrered office
Hvězdova 1716/2b, 140 00, Praha 4 – Nusle
contact email
info@avantfunds.cz
contact telephone
+420 267 997 795

(“Provider”)

Data protection officer:

The Provider has appointed a Data Protection Officer to assist in addressing data protection issues. If necessary, the User can contact the Officer directly. The Data Protection Officer is available to handle queries regarding personal data or to provide further information on data protection:

contact email
dpo@avantfunds.cz
contact telefon
+420 267 997 795

Transfer of personal data to a third country or international organization:

The Provider will not transfer personal data to third countries or international organizations within the meaning of Article 44 et seq. of the GDPR.

Automated individual decision-making and profiling:

The Provider will not carry out profiling or automated individual decision-making.

Supervisory authority:

The supervisory authority in the place of the Provider´s registered office is the Office for Personal Data Protection with its registered office at Pplk. Sochora 27, 170 00 Prague 7, e-mail: posta@uoou.cz, tel.: 234 665 125.

Provider´s qualification:

The Provider qualifies only as the data controller.

PROVIDER – DATA CONTROLLER

The Provider acts as the data controller in relation to the personal data of persons who send the Provider a request to be contacted via the Provider´s web form.

What personal data are processed by the Provider, for what purpose and on what legal basis?

Visit to the website. The Provider processes the data it obtains from the User when the User visits the Provider´s website and fills in and submits the web form with a request for contact. After filling in and submitting the web form with a request for contact on the Provider´s website, the Provider collects and processes the following types of personal data, which are stored: Telephone, email, name and surname, postcode (if the individual items of the form are filled in). Furthermore, the Provider processes the following data: browser type and language, server requests, including time and referring URL. These data are necessary for the correct display of the website. They may also be used as necessary to ensure the secure operation of the website and for other purposes as described in this Privacy Policy. The Provider processes these personal data on the basis of its legitimate interest or the User´s consent. Cookie policy is set out below.

Sensitive personal data

As the data controller, the Provider will not process personal data of Users belonging to special categories of personal data pursuant to Article 9 of the GDPR.

How long are personal data processed by the Provider?

Personal data are processed only for as long as there is a legal reason to store them, subsequently the data are deleted promptly.

Personal data processed for the performance of obligations arising from special legal regulations are processed by the Provider for the period of time specified by the relevant legal regulations. This includes, for example, statutory data retention or documentation obligations. These are in particular data retention obligations arising from civil, commercial or tax laws. When the retention obligation expires, personal data will be deleted promptly.

Other personal data are processed for: 2 months

DATA SECURITY

In order to secure the User´s data against unauthorized or accidental disclosure, the Provider uses reasonable and appropriate technical and organizational measures.

The Provider will ensure that if servers are located in a data center operated by a third party, similar technical and organizational measures are implemented by that third party.

All data are located only on servers located in the European Union or in countries that ensure protection of personal data in a manner equivalent to the protection provided by the legislation of the Czech Republic.

The Provider has implemented the following data security procedures: Technical measures consist in the application of technologies that prevent unauthorized access to the User´s data by third parties, in particular the use of firewalls, updated antivirus programs, etc. For maximum protection, the Provider uses data encryption. Operational systems in which personal data are processed and operational premises where personal data are processed are protected physically and electronically, in particular by means of controlled entry and access of employees, physical protection by persons as well as technical (mechanical means) and electronic security systems. The organizational measures consist of a set of rules of conduct for employees and are incorporated into the Provider´s internal regulations, which are considered confidential for security reasons. The procedures are based, inter alia, on minimizing the number of persons who have access to and who can handle personal data. All employee access to, and handling of, personal data are monitored and recorded.

RIGHTS OF USERS

Each User has:

  • the right of access to personal data: The User has the right to obtain confirmation from the Provider as to whether or not the personal data concerning him/her are being processed and, if they are, the right to access such personal data and the following information: (a) the purpose of the processing; (b) the categories of personal data concerned; (c) the recipients to whom the personal data have been or will be disclosed; (d) the planned data retention period; (e) the existence of the right to request from the controller the rectification or erasure of the personal data or the restriction of their processing, or to object to such processing; (f) the right to lodge a complaint with a supervisory authority; (g) any available information on the source of the personal data, unless obtained from Users; (h) the fact that automated decision-making, including profiling, is taking place. The User also has the right to obtain a copy of the personal data processed.
  • the right to rectification of personal data: the User has the right to request the Provider to correct inaccurate personal data concerning him/her without undue delay or to complete incomplete personal data.
  • the right to erasure of personal data: the User has the right to request the Provider to erase the personal data concerning him/her without undue delay if: (a) the personal data are no longer necessary for the purposes for which they were collected or otherwise processed; (b) the User withdraws the consent on the basis of which the data were processed and there is no further legal basis for the processing; (c) the User objects to the processing and there are no overriding legitimate grounds for the processing; (d) the personal data have been unlawfully processed; (e) the personal data must be erased to comply with a legal obligation under European Union or Member State law; (f) the personal data were collected in connection with the offer of information society services. However, the right to erasure shall not apply where the processing is necessary for compliance with a legal obligation, for the establishment, exercise or defense of legal claims and in other cases laid down in the GDPR.
  • the right to restriction of processing: the User has the right to request the Provider to restrict processing in any of the following cases: (a) the User contests the accuracy of the personal data, for the time necessary to allow the Provider to verify the accuracy of the personal data; (b) the processing is unlawful and the User refuses to erase the personal data and requests instead to restrict its use; c) the Provider no longer needs the personal data for the purposes of the processing, but the User requires it for the establishment, exercise or defense of legal claims; d) the User objects to the processing until it is verified that the legitimate grounds of the Provider override the legitimate grounds of the data subject.
  • the right to object to processing: the user has the right to object at any time, on grounds relating to his/her particular situation, to the processing of personal data concerning him/her which are processed on grounds of legitimate interest. In this case, the Provider will not further process the personal data until it demonstrates compelling legitimate grounds for the processing which override the interests or rights of the Users or for the establishment, exercise or defense of legal claims.
  • the right to data portability: the User has the right to obtain the personal data concerning him/her that have been transmitted to the Provider in a structured, commonly used and machine-readable format and the right to transmit these data to another controller, if: a) the processing is based on consent and b) the processing is carried out by automated means. In exercising his/her right to data portability, the User has the right to have personal data transmitted directly from one controller to another, if technically feasible.
  • the right to lodge a complaint with the supervisory authority: If the User believes that the Provider does not process his/her personal data lawfully, he/she has the right to lodge a complaint with the supervisory authority. The contact details of the supervisory authority are listed above.
  • the right to be informed about the rectification or erasure of personal data or restriction of processing: the provider is obliged to notify the individual recipients to whom the personal data have been disclosed of any rectification or erasure of personal data or restriction of processing, except where this is impossible or requires disproportionate effort. If the User so requests, the Provider will inform the User of these recipients.
  • the right to be informed in the event of a data breach: if a particular data breach is likely to result in a high risk to the rights and freedoms of natural persons, the Provider is obliged to notify the User of the breach without undue delay.
  • the right to withdraw consent to the processing of personal data: if the processing of a part of the personal data is based on consent, the User has the right to withdraw his/her consent to the processing of personal data at any time in writing, by sending his/her disagreement to the e-mail address: dpo@avantfunds.cz.

COOKIES

The Provider uses cookies, which are small text files that identify users of the Provider´s website and record their user activities.

The text in a cookie file is often made up of a series of numbers and letters that uniquely identify the User´s computer, but do not provide any specific personal information about the User. A cookie usually contains the name of the domain from which it was sent, information about age and an alphanumeric identifier.

The Provider´s website automatically identifies the User´s IP address. The server records all this information in an activity file, which allows subsequent data processing. The Provider also records the request from the browser and the time of the request, the status and the amount of data transferred within this request. It also collects information about the browser and computer operating system used and their versions. It also records the web pages from which you accessed the Provider´s website. The IP address of your computer is stored only for the period of time the website was used and then only for as long as necessary. After the expiration of these periods, the IP address is deleted or anonymized by truncation.

Type of cookies and similar technologies

Technical cookies and similar technologies: based on its legitimate interest, the Provider uses technically cookies that are necessary for the operation of the website and to ensure its functionality. These cookies may be persistent or session cookies. A persistent cookie remains on your hard drive even after you close your browser. Persistent cookies may be used by the browser during subsequent visits to the Provider´s website. Persistent cookies can be deleted. Session cookies are temporary and are deleted once the browser is closed. These data are used by the Provider to operate the website, in particular to identify and resolve errors, to determine the use of the website and to make adjustments or improvements. These purposes are based on the Provider´s legitimate interest in the processing of the data pursuant to Article 6(1)(f) of the GDPR.

The User can set his/her browser to block these cookies. The Provider warns that in this case certain parts of the website will not work.

The Provider uses the WebStorage listed in the table below in the same manner and for the same reasons.

With the User´s permission, the Provider uses additional cookies:

Analytical cookies and similar technologies: these cookies help the Provider to analyze how Users use the website. They may be used, for example, to measure and improve the performance. For example, these cookies allow to determine how the User arrived at the website, whether directly, through a search engine or via a link on a social network. In addition, the Provider learns how long Users stay on the website and what links they click.

These cookies are set on the User´s device only if he/she gives his/her consent to do so during his/her first visit to the website (pursuant to Article 6(1)(a) of the GDPR). Analytical cookies can be refused at any time by simply making the appropriate change in the Detailed Cookie Settings.

The Provider uses the WebStorage listed in the table below in identical manner and for the same reasons.

Advertising cookies and similar technologies: advertising cookies allow advertising to be displayed based on the User´s preferences. They can be used, for example, to allow the Operator to create a profile of the User´s interests and to display relevant advertisements to the User.

These cookies are used on the User´s device only if he/she gives his/her consent during his/her first visit to the website (pursuant to Article 6(1)(a) of the GDPR). Advertising cookies can be refused at any time by simply making the appropriate change in the Detailed Cookie Settings. If the User does not give his/her consent, he/she will not receive content and advertisements tailored to his/her interests.

The Provider uses the WebStorage listed in the table below in identical manner and for the same reasons.

any other cookies/similar technologies if they are listed in the table below.

To obtain and manage the User´s consent, the Provider uses the CookiesLišta.cz platform from Soft Evolution s.r.o., ID No.: 46982230, Martinice 100, 594 01 Velké Meziříčí. The platform collects device information, browser information, anonymized IP address, date and time of visit, URL requests, web path and geographical location. This allows the Provider to inform the User about the Provider´s web environment and to obtain, manage and document the User´s consent. The legal basis for data processing in this case is Article 6(1)(c) of the GDPR, since the Provider is legally obliged to provide proof of consent in accordance with Article 7(1) of the GDPR. The data will be deleted as soon as they are no longer needed for logging and there are no legal requirements for retention. For more information on data protection at the platform provider, please visit: https://www.cookieslista.cz.

Third-party cookies may also be placed on the Provider´s website. The Provider uses the following cookies:

 

Processor Cookies designation Personal data Purpose of processing Legal basis Duration of processing
Technical cookies/similar technologies
AVANT investiční společnost, a.s. dcb_dsv no Consent to cookies processing. legitimate interest local repository / 365 days
AVANT investiční společnost, a.s. dcb_config no Configuration of consent to cookies processing. legitimate interest local repository / 365 days
Google LLC – 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States cookiePreferences no Registration of user´s cookies settings. user’s consent 2 years
AVANT investiční společnost, a.s. pll_language no Configuration of web language. legitimate interest Session
Analytical cookies / similar technologies
Google LLC – 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States _ga no ID for user identification user’s consent 2 years
Google LLC – 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States _ga_ no ID for user identification user’s consent 2 years
Google LLC – 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States _gid no Id for user identification for 24 hours after last activity user’s consent 24 hours
Google LLC – 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States _gat no Monitoring of number of requests of Google Analytics server when using Controller´s Google marks user’s consent 1 minute
Google LLC – 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States _dc_gtm_ no Monitoring of number of requests of Google Analytics server user’s consent 1 minute
Google LLC – 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States AMP_TOKEN no Contains token ID used for scanning client ID from AMP Client ID service. user’s consent 30 seconds to 1 year
Google LLC – 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States _gat_gtag_ no Configuration and obtaining of monitoring data. user’s consent 1 hour
Google LLC – 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States _gac_ no Contains information relating to user´s marketing campaigns. These are shared with Google AdWords / Google Ads, when Google Ads and Google Analytics are connected. user’s consent 90 days
Google LLC – 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States __utma no ID for user identification and relations. user’s consent 2 years after last activity
Google LLC – 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States __utmt no Monitoring of number of requests of Google Analytics server. user’s consent 10 minutes
Google LLC – 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States __utmb no Identification of new relations and visits. This cookie is configured when javascript GA.js library is loaded and there is no existing _utmb cookie. Cookie is updated each time when data are sent to a Google Analytics server. user’s consent 30 minutes after last activity
Google LLC – 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States __utmc no Used only for old versions of Urchin Google Analytics, not for GA.js. Used for identifying new relations and visits at the end of relation. user’s consent End of relation (browser)
Google LLC – 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States __utmz no Contains information on the source of traffic or campaign which directed the user to the website. Cookie is set when GA.js javascript loads and updated once data are sent to a Google Analytics server. user’s consent 6 months after last activity
Google LLC – 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States __utmv no Information for website developers is received via _setCustomVar in Google Analytics. Cookie contains new updates and new messages on Google Analytics server. user’s consent 2 years after last activity
Google LLC – 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States __utmx no Identification whether user is included in test A / test B with multiple variables. user’s consent 18 months
Google LLC – 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States __utmxx no Determination of end of test A / test B with multiple variables involving the user. user’s consent 18 months

Browser cookies settings

Most web browsers accept cookies automatically. However, it is possible to block or remove them.

Instructions for blocking or removing cookies in browsers can usually be found in the privacy policy or “help” menu of individual browsers.

Log files

The User´s browser automatically reports certain information each time the Provider´s website is viewed. The servers automatically record certain information that the web browser sends each time the website is visited. These server logs (“log files”) may include information such as the web request, IP address, browser type, browser language, referring/exit pages and URLs, platform type, number of clicks, domain names, landing pages, number of pages viewed and the order of those pages, amount of time spent on certain pages, date and time of the request, and one or more cookies allowing unique identification of the browser.

Social networks

The Provider uses social networks in order to communicate with customers, prospective customers and users who are logged in and to inform them about its offers.

The Provider advices that these platforms and their functions are used by the User at his/her own risk, in particular with regard to the use of interactive features (e.g. commenting, sharing, rating). The Provider bears no responsibility for the handling of these personal data and points out that personal data may be processed outside the European Union.

FINAL PROVISIONS

The Provider may update this Privacy Policy from time to time. The current version of the Privacy Policy will always be available on the Provider´s website. In case of a material change in the way personal data are handled in this Privacy Policy, the Provider will inform the User by visibly posting a notice prior to the implementation of such changes.

Last update: 14 February 2022