Privacy policy

Dear visitors to our website www.solers.legal,

Dear prospective clients seeking legal services,

Dear clients,

Our law firm, Solers legal s.r.o., would like to inform you about the processing of your personal data that you provide to us when visiting our website www.solers.legal, filling out the contact form on our website www.solers.legal, directly contacting our law firm Solers legal s.r.o. (using the contact information provided on our website) via telephone, email, or other means, or by coming to a personal meeting. Our law firm places great emphasis on a responsible approach to the protection of personal data and on protecting the personal data of visitors to their website, prospective clients, and clients from any unauthorized interference. The following principles of personal data processing provide simplified information about the methods of processing the personal data of our clients, the categories of personal data processed for clients, the rights related to the processing of personal data by our law firm, and our obligations in the context of protecting the personal data of our clients. In the event that you enter into a contract for the provision of legal services with our law firm and become our client, we will also provide you with direct information on the principles of personal data processing that are intended for our clients.

  1. 1) Who is the data controller?

  2. The data controller of your personal data is Solers legal s.r.o., with its registered office at Jičínská 1346/6, Vinohrady, 130 00 Prague 3, ID number: 17194610. This company is registered in the Commercial Register kept by the Municipal Court in Prague under file number C 368060. In the document, this company is also referred to as the “controller” or “law firm.”

  3.  
  4. 2) What are the Principles of Personal Data Processing?

  5. These principles are issued and published in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”). These Principles of Personal Data Processing fulfill the information obligations of the Controller as stipulated in Articles 13 and 14 of the GDPR.

  6.  
  7. 3) Whose personal data is processed by the Controller?

  8. As the data controller, the law firm undertakes to process personal data in accordance with applicable laws, especially the GDPR. For the purpose of providing legal services, the controller processes the data of the following individuals: clients, business partners and their representatives and/or other contact persons, prospective clients interested in legal services, employees, and website visitors.

  9. 4) What categories of personal data are processed?

For the purpose of providing legal services, the data controller processes (in particular) the following categories of personal data:

a) Basic personal identification data and address details of individuals mentioned in point 3):

    • Academic title of the individual
    • First name and surname of the individual
    • Business name of the individual conducting business
    • Date of birth of the individual
    • Gender of the individual
    • Identification number (IČO) of the individual conducting business
    • Tax identification number (DIČ) of the individual conducting business
    • Function of the individual acting on behalf of a legal entity
    • Permanent address of the individual (street, street number/house number, any additional address details, postal code, city, country)
    • Registered address of the individual conducting business or the place of business of the individual conducting business (street, street number/house number, any additional address details, postal code, city, country)
    • Billing address of the individual conducting business
    • Numbers from identification documents provided (e.g., ID card number)
    • Identification details of the authorized representative (business) of the individual or contact person (business) of the individual
    • Banking information of the individual conducting business
    • Information about membership in professional chambers (business) of the individual
    • Signature of the individual conducting business

For the purpose of providing legal services, the data controller processes (in particular) the following categories of personal data:

b) Contact details of individuals:

Contact telephone number for communication with the individual

Contact email address for communication with the individual

c) Data about provided legal services.

These are data related to the provided legal service:

      • Service specification
      • Type of service
      • Information about the use of the provided service
      • Price for providing the service
      • Payment information for the provided service

d) Data processed in connection with the operation of the website

These are categories of data that the Controller processes in connection with the use of the website:

      • Date and time of visits to our website www.solers.legal
      • IP address of the user and other technical data about the device from which the website is accessed

e) Personal data of individuals under 15 years of age

Our law firm does not offer services to individuals under the age of 15, and for this reason, it does not process their personal data. If the processing of a child’s personal data were to occur, it would only happen with the consent of their legal guardian – i.e., a parent, a court-appointed guardian, or another person exercising parental responsibility for the child.

5) On what legal basis and for what purpose are personal data processed?

A) Processing of personal data based on the law and on a contract: Our law firm is required by law to process certain categories of personal data, and some personal data must be processed in connection with the establishment of a contractual relationship between our law firm and a client (e.g., a contract for legal services). Without the client providing such personal data and allowing their processing, the services of the law firm cannot be carried out. Personal data provided based on the law and/or a contract (e.g., contracts for legal services) cannot be deleted or anonymized upon your request.
Personal data is processed based on the law and/or a contract primarily for the following purposes:

  • Entering into and fulfilling a contract for legal services
  • Performance of a contract for legal services
  • Fulfillment of legal obligations
  • Fulfillment of legal obligations, e.g., compliance with Law No. 253/2008 Coll., on certain measures against money laundering and terrorism financing
  • Fulfillment of legal obligations, including obligations of our company arising from legal regulations related to criminal proceedings with the obligation to cooperate with the Czech Police and other state authorities.

B) Processing of personal data for the purposes of protecting the legitimate interests of our law firm:

Our law firm also processes personal data of individuals when it is necessary to protect its legitimate interests, following careful consideration of individual cases and a comparison of the law firm’s legitimate interests with the rights and freedoms of the other party. Consent is not required for the processing of such personal data; however, individuals who do not agree with such processing of personal data can file a complaint against the data processing with the data controller. Personal data is processed for the purpose of protecting the legitimate interests of the law firm, including but not limited to the following purposes:

  • Recovery of legitimate claims of our law firm against third parties, including debtors.
  • Keeping records of debtors of our law firm.
  • Transmitting your personal data for internal administrative and accounting purposes both within and outside our company.
  • Securing personal data for the purpose of collecting information about basic network identifiers of visitors to the website www.solers.legal.
  • Securing personal data for the purpose of ensuring and rectifying any technical issues on the website www.solers.legal.

C) Processing of personal data based on provided consent:

If there is no other legal basis, the processing of personal data can only occur based on the prior consent of the individual whose data is to be processed. The given consent can be revoked at any time (e.g., by a written request and/or an email sent to the data controller’s address). In case of revocation of consent, the personal data of the individual who revoked consent will be deleted or anonymized. However, deletion or anonymization of personal data will not occur if the same data is being processed for another legal reason (e.g., based on the law). The fact that consent for the processing of personal data has been revoked does not affect the legality of the processing of personal data that occurred before the consent was revoked.

With consent, personal data is processed, including but not limited to, the following types of personal data:

  • Processing of personal data as listed in point 4) above through a contact form available on the website of the law firm www.solers.legal.
  • Processing of personal data based on the first meeting or other contact. Your personal data is processed based on your interest in legal services and our interest in responding to your inquiry.

  • 6) For how long are personal data processed?

Personal data is processed only for the period that is strictly necessary. The law firm processes personal data for the duration of preparing a response to a request for legal services or a query regarding a legal issue, and subsequently for a period of 5 years. After this period, personal data of individuals is entirely removed. Personal data of clients is processed for the duration of the validity of the contract for legal assistance or the duration of the power of attorney. Afterward, it will be handled in accordance with applicable legal regulations, especially Law No. 85/1996 Coll., on advocacy, as amended, Law No. 499/2004 Coll., on archives and file services and on the amendment of certain laws, as amended, Law No. 235/2004 Coll., on value-added tax, as amended, Law No. 253/2008 Coll., on certain measures against money laundering and terrorism financing, as amended, and GDPR regulations. Information related to unpaid obligations is processed until the claim expires or becomes time-barred. Personal data processed based on granted consent is archived for a period of 5 years or until consent for their processing is revoked. In addition to the above, the law firm also retains personal data of individuals when the individual provides explicit consent for this purpose.


7) Where are your personal data obtained from?

Personal data processed by the law firm are typically provided directly by data subjects within the meaning of the GDPR, namely visitors to the website www.solers.legal, prospective clients interested in the legal services, and clients of the law firm. In some cases, personal data may be obtained from another data controller or processor of personal data. In such cases, it is always verified whether the transfer of personal data occurred with prior consent. Personal data is also obtained from publicly available sources, and acquired personal data is verified and cross-referenced with information from public sources. Specifically, this includes public registers and collections of documents under Act No. 304/2013 Coll., on public registers of legal and natural persons, as amended, the Trade Register under Act No. 455/1991 Coll., on trade licensing (Trade Licensing Act), as amended, the Land Registry under Act No. 256/2013 Coll., on land registries (Land Registry Act), as amended, the Insolvency Register under Act No. 182/2006 Coll., on insolvency and methods of its resolution (Insolvency Act), as amended, the central records of execution under Act No. 120/2001 Coll., on judicial executors and execution proceedings (Execution Code), as amended, the register of value-added tax payers under Act No. 235/2004 Coll., on value-added tax, as amended, and the records and lists of documents regarding marital property regimes and the register of pledges under Act No. 358/1992 Coll., on notaries and their activities (Notarial Code), as amended.


8) To whom are personal data disclosed?

The law firm, in fulfilling its legal obligations, contractual obligations, protecting its legitimate interests, and all other activities related to the acquisition and processing of personal data, may, in certain cases, collaborate with various professionals (vendors). These include the following categories of individuals or processors of personal data: providers of accounting and tax services, lawyers, court experts, and auditors, providers of IT systems and services, postal and transportation services, and others. These processors of your personal data are not authorized to further use these personal data in any way; our vendors are also prohibited from handling personal data in violation of our instructions and any contracts that may be in place. Personal data is provided to these individuals only to the extent necessary. Personal data is processed by individuals located in the Czech Republic and individuals located in other European Union member states. The transfer of personal data to third countries (i.e., countries outside the European Union) only occurs in accordance with the conditions for permissibility set out in Articles 44 to 49 of the GDPR. The list of service providers may vary on a case-by-case basis, depending on the client’s needs and the scope of their case; the names of providers for each individual case are communicated separately to clients. Furthermore, personal data is disclosed to public authorities in accordance with legal regulations (Article 6(1)(c) of the GDPR and Article 6(1)(f) of the GDPR).


9) What are your rights in connection with the processing of your personal data?

a) Right to object to the processing of personal data: In accordance with Article 21 of the GDPR, anyone whose personal data is being processed has the right to object to the processing of their personal data, which concerns them, based on Article 6(1)(e) to (f) of the GDPR, including profiling based on these provisions. The data controller will no longer process the personal data unless they demonstrate compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defense of legal claims. Objections can also be made using automated means using technical specifications or by contacting the contact details provided in Article 1 of these principles for the processing of personal data. It should be noted that the exercise of this right does not affect the lawfulness of the processing of personal data carried out before such objection.

b) Right of access to your personal data: Under Article 15 of the GDPR, everyone has the right to know whether the law firm processes their personal data (i.e., the right to obtain confirmation that their personal data is being processed), what categories of personal data are processed, for what purposes, for how long, where their personal data is obtained, to whom it is disclosed (i.e., to whom your personal data will be made available under the conditions mentioned above and in related legal regulations), who, other than the law firm, processes personal data, whether they have the right to request correction and deletion of personal data, whether they have the right to lodge a complaint with the supervisory authority, and other information in accordance with Article 15 of the GDPR. Please note that if exercising the right results in an adverse impact on the rights and freedoms of third parties, the requested information may not be provided by the law firm.

c) Right to rectification of inaccurate and/or incomplete data: In case someone discovers that personal data processed by the law firm is inaccurate or incomplete, they have the right, under Article 16 of the GDPR, to have the personal data rectified or completed without undue delay upon being informed of such inaccuracies. Considering the purpose of the processing, they also have the right to request additional statements regarding the rectification/completion of their personal data.

d) Right to restriction of processing of personal data: Under Article 18(1)(a) to (d) of the GDPR, everyone has the right to have the processing of their personal data restricted in certain circumstances outlined in the regulation. It should be noted that the exercise of this right does not affect the lawfulness of the processing of your personal data carried out before the exercise of this right.

e) Right to erasure (“right to be forgotten”): In accordance with Article 17(1) of the GDPR, everyone has the right to have the data controller erase their personal data without undue delay if one of the reasons listed in this article of the GDPR applies. If the information has been made public and the data subject requests its erasure, the data controller, taking account of available technology and the cost of implementation, must take reasonable steps, including technical measures, to inform other data controllers processing the personal data that the data subject has requested erasure of any links to, or copy or replication of, those personal data.

f) Right to data portability: Under Article 20 of the GDPR, everyone also has the right to receive their personal data provided to the law firm in connection with the performance of a contract or based on consent in a structured, commonly used, and machine-readable format. At the same time, they have the right to request the transfer of this personal data to another controller (while having the right to demand that their personal data be transferred directly to a designated controller, if technically feasible). This right can only be exercised for personal data processed automatically and again, based on the performance of a contract or consent.

g) Right to withdraw consent: If the processing of personal data is based on consent, everyone has the right to withdraw that consent at any time (see Article 5 above). However, it should be noted that the withdrawal of consent does not affect the lawfulness of the processing of your personal data carried out before the withdrawal of consent.

h) Right to information about recipients of personal data: In accordance with Article 19 of the GDPR, everyone has the right to have, in case of rectification, erasure, or restriction of the processing of their personal data, such fact communicated to all recipients of their personal data (see Article 8 above). At the same time, everyone has the right to request information about these recipients.

i) Right not to be subject to a decision based solely on automated processing: According to Article 22 of the GDPR, everyone also has the right not to be subject to any decision based solely on automated processing, including profiling, which has legal effects on them or significantly affects them. However, it should be noted that no automated decision-making without human intervention with legal or similar significant effects is carried out (see Article 9 above).

j) Right to lodge a complaint with the supervisory authority: If someone suspects that the processing of their personal data has violated the GDPR, they can lodge a complaint with the supervisory authority, the Office for Personal Data Protection, Pplk. Sochora 27, 170 00 Prague 7.


11)  To exercise your rights in accordance with the privacy policy provided, you can follow these steps:

  1. Prepare a written request in which you specify how you would like to receive a response or information regarding the processing of your personal data.

  2. Send your request to the data controller, Solers legal s.r.o, using the contact details provided in section 1 of the privacy policy. You can send your request either by mail or email, as indicated in the policy.

  3. Please note that the data controller may ask you to verify your identity to ensure that the request is being made by the rightful individual. You may be required to provide proof of your identity as part of this verification process.

  4. Once your request has been received and your identity verified, the data controller will respond to your request within one month. In certain cases, this period may be extended by an additional two months if necessary. You will be informed in advance if an extension is needed.

  5. If your request is deemed manifestly unfounded or excessive, the data controller reserves the right to charge a fee for providing the requested information, as mentioned in the privacy policy.

Please make sure to refer to the specific section of the privacy policy that outlines your rights and the procedures for exercising them to ensure that your request is processed correctly.


Solers legal s.r.o