Privacy Policy

Welcome to our Privacy Policy, where you can find comprehensive information regarding the collection and processing of Personal Data by Wisdom Tree s.r.o. located at Dlouha 715/38, 110 00 Prague 1, Czech Republic (referred to as "us" or "we"). We act as the data controller in accordance with the Data Processing Act implementing the GDPR, Act No. 110/2019 Coll. ("DPA"), and the European Union's General Data Protection Regulation ("GDPR"). You will discover what Personal Data we collect and process, why we do it, your rights, and how to exercise them.

For any questions or concerns, please feel free to contact us at [email protected].

What is Personal Data?

Personal Data refers to information related to personal or material circumstances that can be attributed to an identified or identifiable individual. This includes data such as your name, date of birth, email address, postal address, telephone number, and online identifiers like IP addresses. Information of a general nature, which cannot identify you, such as website user counts, is not considered Personal Data.

What is Data Processing?

"Processing" encompasses any operation or set of operations carried out on Personal Data, whether manually or automatically. It is a broad term that covers virtually any handling of data.

Legal Basis for Processing

In the following sections, we will inform you of the legal basis on which we process Personal Data. If specific legal bases apply in individual cases, we will provide separate information.

  • Consent - Processing of Personal Data is based on the consent of the data subject for specific purposes.
  • Performance of a Contract and Pre-contractual Inquiries - Processing is necessary for executing a contract in which the data subject is a party or for fulfilling pre-contractual measures at the data subject's request.
  • Legitimate Interests - Processing is necessary for the legitimate interests of the data controller or a third party, unless such interests are overridden by the data subject's interests or fundamental rights and freedoms that require Personal Data protection.

Your Rights

Under the DPA and GDPR, you have the following rights:

a) Right to Information
You can request information and/or copies of your stored Personal Data.

b) Right to Rectification
You can request the correction and/or completion of your Personal Data without delay.

c) Right to Object to Processing
You can request restrictions on the processing of your Personal Data if the data's accuracy is disputed by you, if processing is unlawful, you object to erasure, we no longer need the data but you require it for legal claims, or you have objected to the processing.

d) Right to Deletion
You can request the erasure of your stored Personal Data unless it's required for legal obligations, public interest, or legal claims.

e) Right to Data Portability
You can request your Personal Data, which you provided to us, in a structured, machine-readable format. We can transmit this data to another responsible party if technically feasible.

f) Right of Objection
If your Personal Data is processed based on legitimate interests, you can object to the processing at any time. If we process your data for direct marketing, you can object to it, including profiling related to direct marketing.

g) Right to Withdraw Consent
You can withdraw your consent to data collection at any time, although data collected before withdrawal remains unaffected. Implementation of your withdrawal may take some time for technical reasons.

h) Right to Complain to a Supervisory Authority
If your Personal Data processing violates data protection law or your data protection rights are otherwise violated, you can file a complaint with your local supervisory authority.

i) Right to Avoid Automated Decision-Making
You have the right not to be subject to decisions based solely on automated processing that significantly affect you.

To exercise these rights, please contact us. For your protection and the protection of all users, we may need to confirm your identity before responding.

The Supervisory Authority

The Office for Personal Data Protection (OPDP) in the Czech Republic is the relevant authority for data protection matters. You have the right to lodge a complaint with the OPDP (www.uoou.cz). We encourage you to reach out to us first to address your concerns before contacting the OPDP.

Updating Your Information

If you believe the information we hold about you is inaccurate or no longer necessary, and you want to request rectification, deletion, or object to processing, please contact us at [email protected].

Access Request

Should you wish to make a Data Subject Access Request, please notify us in writing at [email protected].

We will respond to access and correction requests as soon as reasonably possible. If we cannot respond within 30 days of receiving your request, we will notify you within that time frame and explain the delay. We will also inform you of the reasons if we are unable to provide you with requested Personal Data or make corrections, unless legal regulations prohibit us from doing so.

Processing of Personal Data

In the course of our business and website operations, we process data, which may involve data transfer to our headquarters in France. Data may also be disclosed to third parties and third countries outside the European Economic Area (EEA). When we engage third parties in third countries to provide services, we take appropriate legal and technical measures to ensure Personal Data protection in compliance with relevant legal regulations.

a) Access Data and Hosting
You can visit our website without providing Personal Data. When you access our website, the web server automatically logs a server log file containing the requested file's name, your IP address, access date and time, data volume, and requesting provider (access data and log files). This access data is used to ensure the website's proper functioning and improve our services. It serves our legitimate interest in presenting our website accurately. Access data is deleted within seven days of your visit.

b) Contacting Us
When you contact us via email or social media, we store and process your provided data, including email address, name, and telephone number if provided. We use this data exclusively for contacting you and addressing your requests, then delete it unless a legal obligation requires retention. Processing is based on contract and legitimate interest.

c) Data Collection and Use for Contract Processing
We collect Personal Information voluntarily provided in the context of services you order or use (e.g., advertising or affiliate services). Mandatory fields are marked, as this data is necessary for contract processing.

d) Marketing
If you have given us separate consent for marketing and advertising data processing, we may contact you through the communication channels you've agreed to. Consent may be given in various ways, including selecting a box on a form or implied consent based on your interactions or contractual relationship with us.

Direct Marketing may involve email and other channels, with an option to unsubscribe or opt out provided in every marketing communication.

Data Transfer

We use specialized service providers to process your data, selected and monitored by us. They process Personal Data only on our behalf and under our instructions, following commissioned processing contracts. We may also disclose Personal Data to third parties if legally required, e.g., by court order, or to support investigations or fulfill our legitimate interests.

Data Security

We follow the principle of processing only necessary Personal Data for our services, ensuring your privacy and data confidentiality. Data transmission is secured with HTTPS encryption, providing secure data transfer on the Internet. We implement technical and organizational security measures throughout our company to protect data from manipulation, loss, destruction, or unauthorized access.

Data Storage Duration

We store Personal Data on secure servers for as long as necessary for processing purposes or until consent is revoked. Statutory retention obligations may require data storage for up to 6 years, regardless of processing purposes.

Automated Decision-Making

We do not employ automated decision-making, including profiling.

Personal Data and Children

We do not knowingly collect, use, or disclose Personal Data from individuals under 18 years old without parental consent through direct offline contact.

Changes and Updates

We encourage you to stay informed about our Privacy Policy, as we may update it to reflect changes in our data processing activities. The last update occurred on Monday, August 21, 2023.

Concerns and Contact

If you have any concerns about your privacy, misuse of your Personal Data, or any other questions, comments, or wish to exercise your rights under applicable laws, please contact us.