top of page

Privacy Policy

Thank you for visiting the Xeek.tech website. In this section, we inform you about the ways in which we collect, use, share, and protect your personal data. Please read the following information carefully so that you understand our practices and policies for processing your information.

​Identification of the administrator

 

1. Identification of the Controller

 

The controller of your personal data within the meaning of Regulation (EU) 2016/679 (the “GDPR”) is:

  • Company name: Xeek s.r.o.

  • Company ID: 17231001

  • Registered office: Anny Letenske 34/7, 120 00 Prague 2 – Vinohrady, Czech Republic

  • Email: info@xeek.tech

  • Telephone: +420 222 16 00 16

  • Registered with the Municipal Court in Prague, Section C, Insert 368585
     

We have not appointed a Data Protection Officer (DPO) as we are not required to do so under Article 37 GDPR. If you have any questions or concerns regarding the processing of your personal data, please contact us using the details above.
 

2. Personal Data We Collect

We process only the personal data necessary for the purposes described below.
 

2.1 Data you provide directly
 

When you contact us through the contact form, by email, or by telephone, we may collect:
 

  • First name and surname

  • Email address

  • Telephone number

  • Company name and job title (if provided)

  • Content of your message and any attachments
     

2.2 Data collected automatically
 

When you visit our website, the following data may be collected automatically through cookies and similar technologies (only with your consent where required):
 

  • IP address (typically truncated/anonymised by our analytics provider)

  • Browser type and version, operating system, device type

  • Referring URL, pages visited, time and duration of visit

  • Approximate geographic location (country/city level)
     

3. Purposes and Legal Bases of Processing


We process your personal data on the following legal bases under Article 6(1) GDPR:
 

3.1 Performance of a contract – Article 6(1)(b) GDPR


To negotiate, conclude, and perform contracts with our clients, suppliers, and business partners, including invoicing and customer support.


3.2 Compliance with legal obligations – Article 6(1)(c) GDPR


To comply with our obligations under accounting, tax, and other applicable legislation.
 

3.3 Legitimate interests – Article 6(1)(f) GDPR
 

To respond to inquiries received via the contact form or email, to protect our network and website (security cookies), and for direct marketing of our services to existing clients. You may object to processing based on legitimate interests at any time.
 

3.4 Consent – Article 6(1)(a) GDPR
 

For analytical and marketing cookies, and for marketing communications to prospects who are not yet our clients. You may withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal.
 

4. Recipients and Processors
 

We do not sell or rent your personal data. We share it only with carefully selected providers who process it on our behalf under data processing agreements compliant with Article 28 GDPR, or where required by law.

Categories of recipients include:
 

  • Website hosting and content management provider – Wix.com Ltd. (Israel/EU)

  • Web analytics provider – Google LLC (Google Analytics 4, USA)

  • Advertising and conversion-tracking providers – LinkedIn Ireland Unlimited Company / LinkedIn Corporation (LinkedIn Insight Tag, Ireland/USA)

  • Email and productivity providers (e.g. Microsoft 365 / Google Workspace)

  • Accounting, tax, and legal advisors

  • Public authorities, courts, and law enforcement bodies, where we are required by law to disclose data
     

5. Transfers Outside the EU/EEA
 

Some of our processors are located in third countries (in particular the United States). Where personal data is transferred outside the EU/EEA, we ensure an appropriate level of protection through one or more of the following safeguards:

  • Adequacy decision under Article 45 GDPR (e.g. EU–US Data Privacy Framework, where applicable)

  • Standard Contractual Clauses adopted by the European Commission under Article 46(2) GDPR

  • Supplementary technical and organisational measures where necessary

Further information about specific safeguards is available on request via info@xeek.tech.
 

6. Retention Periods
 

We retain your personal data only for as long as necessary for the purposes for which it was collected. The principal retention periods are:
 

  • Contact form / email inquiries that do not lead to a contract: up to 12 months from the last communication

  • Client contractual data: for the duration of the contract and 10 years thereafter (in line with statutory limitation and accounting obligations)

  • Accounting and tax documents: 10 years (Act No. 563/1991 Coll., Act No. 235/2004 Coll.)

  • Marketing on the basis of consent: until consent is withdrawn, or 3 years from the last interaction, whichever is earlier

  • Cookies: see Section 10 below
     

After the retention period expires, the data is deleted or irreversibly anonymised.
 

7. Your Rights as a Data Subject
 

Under the GDPR, you have the following rights, which you may exercise free of charge by contacting us at info@xeek.tech:
 

  • Right of access to your personal data (Art. 15 GDPR)

  • Right to rectification of inaccurate or incomplete data (Art. 16 GDPR)

  • Right to erasure (“right to be forgotten”), subject to statutory exceptions (Art. 17 GDPR)

  • Right to restriction of processing (Art. 18 GDPR)

  • Right to data portability (Art. 20 GDPR)

  • Right to object to processing based on legitimate interests or for direct marketing (Art. 21 GDPR)

  • Right to withdraw consent at any time, without affecting prior lawful processing (Art. 7(3) GDPR)
     

You also have the right to lodge a complaint with a supervisory authority. In the Czech Republic this is:
 

  • Urad pro ochranu osobních udaju (Office for Personal Data Protection)

  • Pplk. Sochora 27, 170 00 Praha 7

  • Web: www.uoou.cz
     

8. Automated Decision-Making and Profiling


We do not engage in automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you within the meaning of Article 22 GDPR.
 

9. Data Security
 

We implement appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful access, alteration, disclosure, loss, or destruction. These measures include encryption in transit (TLS), access controls, regular backups, security monitoring, and staff training.
 

10. Cookies and Similar Technologies


Our website uses cookies to ensure proper functioning, to analyse traffic, and – with your consent – for marketing purposes. When you first visit the site, you can accept all cookies, accept only strictly necessary cookies, or configure your preferences in detailed settings. You can change or withdraw your consent at any time via the cookie settings link on our website.


10.1 Categories of cookies

Strictly necessary / functional
 

Required for the website to function (e.g. session management, load balancing, security). Consent is not required.

Analytical
 

Used to measure website traffic and visitor behaviour in aggregated form. Set only with your consent.

Marketing
 

Used for personalised advertising and conversion tracking on third-party platforms. Set only with your consent.

10.2 Managing cookies in your browser
 

Most browsers also allow you to view, manage, or delete cookies through their settings. Please refer to your browser’s help section for instructions. Note that disabling strictly necessary cookies may impair the functionality of the website.

11. Children
 

Our website and services are not directed to individuals under 16 years of age, and we do not knowingly collect personal data from them. If you believe we may have collected such data, please contact us so that we can delete it.


12. Changes to this Privacy Policy
 

We may update this Privacy Policy from time to time. The current version is always available on this page, and the effective date at the top reflects the date of the most recent update. Material changes will be communicated via a notice on our website.

13. Contact
 

If you have any questions about this Privacy Policy or about how your personal data is processed, please contact us:
 

  • Xeek s.r.o., Anny Letenske 34/7, 120 00 Prague 2 – Vinohrady, Czech Republic

  • Email: info@xeek.tech

  • Telephone: +420 222 16 00 16

 

Xeek s.r.o., Prague – April 2026.

bottom of page