top of page

GDPR (Privacy Policy)

Effective from: December 4, 2025


1. Introduction

This Privacy Policy (“Policy”) describes how I process the personal data of visitors to the website www. katkarojkova.cz and clients using my services (yoga, meditation, shiatsu, workshops, retreats).
The Policy is created in accordance with:
· Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR),
· Act No. 110/2019 Coll., on the Processing of Personal Data,
· Act No. 480/2004 Coll., on Certain Information Society Services,
· Act No. 127/2005 Coll., on Electronic Communications.


2. Data Controller

Mgr. Kateřina Rojková
Bělá nad Svitavou 11, 569 05 Bělá nad Svitavou
Company ID: 87518929
Phone: +420 776 550 524
Email: rujana@email.cz

The controller is not required to appoint a Data Protection Officer.


3. What Personal Data I Process

3.1 Identification and Contact Data

· First and last name
· Email, phone number
· Billing information (for entrepreneurs: Company ID/VAT ID)

3.2 Data Necessary for Reservations and Event Participation

· Information about the reserved class, workshop, retreat, or treatment
· Order, payment, and reservation change history

3.3 User Account Data

If you create a profile in the website’s member section (Wix Members Area):
· Login email
· Profile settings
· Overview of reservations and orders
(Passwords remain only in the encrypted storage of the Wix platform; the controller does not have access to them.)

3.4 Communication

· Content of emails, messages, or phone communications related to reservations or service organization

3.5 Health Data (Sensitive Data) — Voluntarily Provided Only

If you voluntarily provide information about your health (e.g., exercise limitations), I process it only:
· With your explicit consent
· For the purpose of safely adapting the class or treatment
Without consent, such data is not processed.

3.6 Cookies and Technical Data

· IP address, device type, browser
· Website interactions, navigation, visit duration
· Cookies (technical, functional; analytical and marketing only with consent)
A detailed overview of cookies is provided in the separate “Cookie Settings” section.„Nastavení cookies“.


4. Purposes and Legal Bases for Processing

4.1 Contract Performance (Art. 6(1)(b) GDPR)

· Service reservations
· Communication regarding confirmations, changes, and organization
· Provision of purchased services

4.2 Compliance with Legal Obligations (Art. 6(1)(c) GDPR)

· Accounting
· Tax and record-keeping obligations

4.3 Legitimate Interest of the Controller (Art. 6(1)(f) GDPR)

· Technical security and website functionality
· Protection of legal claims
· Sending information about similar services to existing clients (with the option to unsubscribe at any time)

4.4 Data Subject’s Consent (Art. 6(1)(a), Art. 9(2)(a) GDPR)

· Providing health information for safe practice
· Sending marketing communications if there is no customer–client relationship
· Marketing and analytical cookies
You may withdraw your consent at any time.


5. Data Retention Period

· Data for contract performance: for the duration of the contractual relationship + 3 years
· Accounting documents: 5–10 years as required by law
· Data processed based on consent: until consent is withdrawn
· Technical logs: usually several weeks to months (depending on platform settings)


6. Recipients and Processors of Personal Data

6.1 Wix.com Ltd.

The website, reservation system, cart, and member section are operated on the platform:
Wix.com Ltd.
40 Namal Tel Aviv St., Tel Aviv 6350671, Israel
Wix provides:
· Hosting and secure data storage
· Customer accounts
· Payment and reservation modules
Wix acts as a processor and complies with GDPR.
Transfers to Israel are covered by the EU adequacy decision.
Any further transfers (e.g., to the USA) are based on standard contractual clauses or the EU–US Data Privacy Framework, if the recipient is certified.

6.2 Other Recipients

· Accountants, tax advisors
· Payment service providers
· IT providers, marketing and advertising service providers
· Public authorities, if required by law
All transfers are made to the minimum necessary extent.


7. Cookies

The website uses:
· Essential (technical) cookies – necessary for proper website functionality
· Functional cookies
· Analytical and marketing cookies – only with user consent
Users can change their cookie consent settings at any time via the “Cookie Settings” link.


8. Data Protection

I implement appropriate technical and organizational measures, in particular:
· Secure data transmission (HTTPS)
· Protection of user accounts (Wix security standards)
· Limited access for authorized persons only
· Regular review and updating of security processes


9. Data Subject Rights

You have the following rights:
· Right of access to data
· Right to rectification of inaccurate data
· Right to erasure (if there is no longer a legal reason for processing)
· Right to restriction of processing
· Right to data portability
· Right to object to processing based on legitimate interest
· Right to withdraw consent at any time
· Right to lodge a complaint with the Data Protection Authority

Contact for Exercising Rights

Email: rujana@email.cz
Phone: +420 776 550 524

Supervisory Authority

Office for Personal Data Protection
Pplk. Sochora 27, 170 00 Prague 7
Website: www.uoou.gov.cz


10. Final Provisions

This Policy may be updated according to changes in services, legal regulations, or technologies used.
The current version is always available on this website.

bottom of page