Bravion Group
CZEN
Skip to main content

Personal data protection

Information on personal data processing

Tady najdete přehled, jak společnost Bravion Group s.r.o. pracuje s osobními údaji při poptávkách, náboru, smluvní spolupráci a provozu webu Bravion.cz. The overview shows what data we use, why we need it, who it may be transferred to and what rights you can exercise.

Poslední aktualizace: 20 May 2026

Personal data controller

Name
Bravion Group s.r.o.
Company ID
23281839
Registered office
Lidicka 700/19, 602 00 Brno - Veveri

In brief

We do not sell personal data and do not use it for mass marketing without an appropriate legal basis.

Do not send sensitive data, birth numbers, copies of documents or information that is not necessary for first contact or assignment description through forms.

We do not perform automated decision-making or profiling on the website that would have legal or similarly significant effects for you.

Cookies a obdobná úložiště popisuje samostatná stránka Cookie policy.

What happens if you do not provide data

You provide contact details in the form voluntarily. Without e-mail or phone, however, we cannot reply, clarify the brief or prepare an offer.

Data for the contract, assignment operation and invoicing is necessary to order and properly provide the service. Without it, it may not be possible to conclude cooperation or fulfil statutory accounting and tax obligations.

For assignments involving visitor records, entrance regimes, camera supervision or other personal data of people on site, processing roles and scope are handled according to the specific contract and operating documents.

Enquiries and business communication

Účel
Handling a form message, follow-up communication, preparing an offer and agreeing the next steps.
Právní základ
Art. 6(1)(b) GDPR if the communication is directed toward concluding a contract. For ordinary business records, also Art. 6(1)(f) GDPR - legitimate interest in handling and documenting communication.
Rozsah údajů
Name, company or organisation, e-mail, phone, service type, location, date, message content and data you add yourself about the assignment.
Doba uchování
For the time needed to handle the enquiry and then for no longer than 12 months from the last communication, unless a contractual relationship is created. If cooperation is concluded, contractual, accounting and tax retention periods follow.
Příjemci a zpracovatelé
Formspree for form delivery, hosting provider, website technical administration and people handling business communication.

Contractual and operational agenda

Účel
Contract preparation, fulfilment of ordered services, operational communication, performance records, invoicing and fulfilment of accounting or tax obligations.
Právní základ
Art. 6(1)(b) GDPR - performance of a contract. Art. 6(1)(c) GDPR - compliance with legal obligations. For protection of legal claims, also Art. 6(1)(f) GDPR.
Rozsah údajů
Identification and contact details of the client, billing details, contractual documentation, operating instructions, handover information and related communication.
Doba uchování
For the duration of the contractual relationship and then for the period required by law. Accounting and tax documents are usually retained for 10 years.
Příjemci a zpracovatelé
Accounting and tax advisers, operational IT service providers, legal advisers and public authorities if required by law.

Recruitment and career form

Účel
Assessment of a response to a job offer, communication with the candidate and organisation of the selection process.
Právní základ
Art. 6(1)(b) GDPR - steps prior to entering into an employment or similar relationship at the candidate request. For protection of legal claims, also Art. 6(1)(f) GDPR.
Rozsah údajů
Name, e-mail, phone, selected position, message, experience, availability and information about a certificate or qualification if you provide it.
Doba uchování
For the duration of the selection process and then for no longer than 6 months after it ends, unless cooperation is created or another legal reason for longer retention exists.
Příjemci a zpracovatelé
Formspree for form delivery and, internally, people involved in recruitment, shifts and operational leadership.

Form protection and website security

Účel
Limiting repeated form submissions, spam prevention and protection of the website against technical abuse.
Právní základ
Art. 6(1)(f) GDPR - legitimate interest in secure website operation and form protection.
Rozsah údajů
IP address, request time and basic technical context needed for form protection.
Doba uchování
For the necessary time for form protection, usually in minutes. For operational security logs, the period may be longer depending on hosting settings.
Příjemci a zpracovatelé
Website operator, hosting provider and possibly a technical service for limiting repeated requests.

Website analytics after consent

Účel
Traffic measurement, basic evaluation of website use, contact click measurement and indicative evaluation of traffic sources.
Právní základ
Art. 6(1)(a) GDPR - consent given in the cookie banner. You can change consent at any time through cookie settings.
Rozsah údajů
Technical and analytical identifiers, information about the visit, website interaction, traffic source and clicks on phone or e-mail.
Doba uchování
According to the lifetime of individual identifiers, Google Analytics settings and the stored browser choice. Details are stated in the cookie policy.
Příjemci a zpracovatelé
Google Analytics and technical services related to website analytics, only after consent is given.

Where we obtain data from

  • data you send yourself via form, e-mail, phone or during a business meeting
  • data created during offer preparation, contract conclusion and operation of the ordered security service
  • data from career responses and follow-up recruitment communication
  • technical data created when using the website, forms and analytics after consent
  • data from public registers or publicly available sources if needed for company verification, contract preparation or invoicing

How we protect data

  • only people who need the data for a specific purpose have access
  • business communication, recruitment, contractual documentation and analytics are kept separately by purpose
  • we use external services only to the extent necessary for forms, hosting, analytics, accounting or legal protection
  • we delete or archive data after the set retention periods expire
  • contact and company details in legal texts, forms and website footer come from one company source

Processors, transfers and legal claims

We transfer personal data only when necessary for a specific processing purpose. Typically this includes hosting, technical website administration, Formspree for form delivery, Google Analytics after consent, accounting and tax advisers, legal advisers or public authorities.

Some external services may process data outside the European Union or European Economic Area. In that case, we use services only to the extent needed for the given purpose and rely on contractual and security mechanisms required by GDPR for data transfers.

Some data may be retained longer than ordinary operational periods if necessary to fulfil a legal obligation, accounting, tax records, complaint handling, inspection by a public authority or protection and defence of legal claims.

Your rights

  • request access to your personal data
  • request correction of inaccurate or incomplete data
  • request erasure or restriction of processing if GDPR conditions are met
  • object to processing based on legitimate interest
  • withdraw consent if processing is based on consent
  • request data portability within the scope set by GDPR
  • file a complaint with the Office for Personal Data Protection

Stížnost můžete podat u Úřadu pro ochranu osobních údajů, Pplk. Sochora 27, 170 00 Praha 7, uoou.gov.cz.

How to contact us about data

Práva můžete uplatnit e-mailem na info@bravion.cz, by phone or another understandable method. If we need to verify identity, we will request reasonable additional information.

We respond to requests without undue delay, no later than within one month. For more complex or repeated requests, the period may be extended under GDPR; in that case you will receive information about the reason for extension.

If the question concerns the website, forms or analytics, a link to the specific page or a short description of the situation helps us.