1. Data Controller

The data controller is:

můjBrand s.r.o.
Company ID: 23231874
E-mail: hello@createmybrand.net (hereinafter referred to as the “Controller”)

The Controller processes personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR).

2. What Personal Data We Process

We process the following personal data:

a) Identification and contact data

• name and surname

• email address

• phone number (if provided)

b) Service usage data

• IP address

• cookies and technical identifiers

• information about device and browser

• website behavior (analytics)

c) Data provided within the service

• data entered into the application (e.g. texts, branding inputs)

3. Purposes of Processing and Legal Bases

3.1 Contract performance

We process personal data for the purpose of:

• providing the service (AI branding application)

• creating and managing user accounts

Legal basis: performance of a contract under Art. 6(1)(b) GDPR

3.2 Legitimate interest

We process personal data for the purpose of:

• ensuring service security

• preventing misuse

• basic website analytics

Legal basis: legitimate interest under Art. 6(1)(f) GDPR

3.3 Marketing (newsletter, commercial communication)

• sending news and marketing communications

Legal basis:

• consent under Art. 6(1)(a) GDPR

• or legitimate interest (for existing customers)

3.4 Cookies and analytics

We use cookies for:

• website functionality (essential cookies)

• traffic analysis

Legal basis:

• essential cookies: legitimate interest

• other cookies: consent

4. Data Retention Period

We retain personal data:

• for the duration of the contractual relationship

• for 3 years from the last activity (marketing)

• as required by applicable laws (e.g. accounting up to 10 years)

After this period, the data is deleted or anonymized.

5. Recipients of Personal Data (Third Parties)

Your data may be shared with the following processors:

• hosting providers

• analytics providers (e.g. Google Analytics)

• email marketing providers (e.g. Ecomail / Mailchimp)

• cloud service providers

If data is transferred outside the EU, we ensure appropriate safeguards (e.g. Standard Contractual Clauses).

6. Data Subject Rights

You have the right to:

• access your personal data

• rectify inaccurate data

• erasure (“right to be forgotten”)

• restriction of processing

• data portability

• object to processing

• lodge a complaint with a supervisory authority

To exercise your rights, contact us at the email above.

7. Data Security

The Controller has implemented technical and organizational measures to protect personal data, including:

• encrypted communication (HTTPS)

• access restrictions

• secure servers

8. Automated Decision-Making and AI

Within the service, personal data may be processed using AI tools.

This processing:

• is not used for legal decision-making

• does not have significant legal effects on users

9. Final Provisions

This Privacy Policy may be updated from time to time.

The current version is always available on the Controller’s website.