SPOLAK ltd. - reception
SPOLAK ltd. - reception
SPOLAK ltd. - entry
SPOLAK ltd. - headquaters



SPOLAK advokátní kancelář s.r.o. 
with its registered office at 8. března 21/13, Liberec V – Kristiánov, Postcode: 460 05
Business ID No.: 28703448
incorporated in the Commercial Register administered by the Regional Court in Ústí nad Labem – Liberec Branch
in file No. C 27619

(hereinafter the “Company”)

As per Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (GDPR), our Company is the controller of your personal data, which means that the Company processes such data, determines the purposes and means of such processing and is responsible for the same. The purpose of the present Privacy Policy is to provide you with clear and understandable information about the ways in which we process your personal data.

Information contained herein applies to natural persons providing their personal data, in particular, to our customers and business partners, but reasonably also to our potential customers and potential business partners (i.e. persons with whom we have not entered into any contractual relationship yet, but we have already been in contact) as well as to former customers and former business partners whose data we may still process under certain conditions. Information contained herein also reasonably applies to family members and representatives of customers and business partners.

Here you will learn in particular:

  1. What types of your personal data we process;
  2. For what purpose and in what manner we process your personal data;
  3. To whom your personal data may be transferred;
  4. For how long we are going to process your personal data;
  5. What your rights are in relation to the protection of your personal data.

If you need an explanation of any part of the text, advice or you want to discuss further processing of your personal data, you can contact us at any time at the following e-mail address: This email address is being protected from spambots. You need JavaScript enabled to view it.


Principles of personal data processing

  • We process your personal data in a correct, lawful and transparent manner;
  • We collect personal data solely for specific, explicit and legitimate purposes, and we do not process the data in a manner incompatible with such purposes;
  • The scope of the processing of personal data is adequate, relevant and restricted to the fulfilment of the set objectives;
  • We have adopted any and all reasonable measures so as to process solely accurate and updated personal data and so as to erase or rectify any inaccurate personal data without any delay;
  • We store personal data for the period necessary for the purposes for which they are processed;
  • We process personal data only in a manner that ensures their proper security, including their protection by appropriate technical or organisational measures against unauthorised or unlawful processing and against accidental loss, destruction, or damage.


Extent of personal data processing

Identification and address details: academic title(s), name, surname, date of birth, residential address, postal or other contact address, for natural persons/entrepreneurs also their business name or a supplement attached to their name, place of business and business ID No.;

Electronic contact details: telephone, mobile, fax, e-mail address, Data Box ID;

Other personal data necessary for performance of contracts: account number, payment amount, and similar data, if any;

Other personal data provided by you in contractual or other documents, at meetings and when using our services, including subsequent updates.


Collection of personal data

We collect personal data mostly from you. We may collect some of your personal data from publicly available sources or from our own activities. If we collect your personal data from you, we do always take care to inform you whether the providing of such personal data is a legal or contractual requirement, and whether you are under any obligation to provide such personal data, and about the possible consequences of your declining to disclose the said personal data.

We collect your personal data from you namely in the following cases:

On the basis of your requests and within the framework of negotiations on entering into a contract, in personal, telephone, or written communication with you, including e-mail correspondence.

The following represent publicly available sources from which we acquire personal data:

  • Commercial Register
  • Insolvency Register
  • Trade Register
  • Social networks (rare exceptions) and the internet in general should you make the data public yourself.

Personal data acquired through your own activity are those you provide us with in relation to using of our products or services.

In exceptional cases we can acquire your personal data also from third persons authorised to process your personal data and to submit them to us when the following terms and conditions are met.


Legal basis for the processing

  • Contract on providing legal services
  • Providing of personal data is an obligation of the data subject – the client (hereinafter the “Client") arising from the above mentioned Contract.


Purpose of the processing

  • Providing of legal services under a contract entered into with the Client


Recipients of personal data

  • Public authorities (e.g. courts, administrative bodies)
  • Information system maintenance providers
  • Other recipients as needed and in accordance with the Client’s instructions


Personal data processing time

The personal data shall be subject to processing for the whole duration of the above mentioned Contract validity; after the validity period elapses the data shall be handled in accordance with the valid legal regulation, namely Act No. 85/1996 Coll., (Legal Profession Act), Act No. 499/2004 Coll., (on Archiving and Records Management, as amended), and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).


The rights of the Client

The right of access to personal data means that the Client is entitled to obtain information from the controller-attorney as to whether or not personal data concerning him or her [the Client] are being processed and, if so, what specific data they are and how they are being processed. The Client also has the right to have the controller-attorney, without undue delay, correct at their request any incorrect personal data regarding them [the Client]. The Client has the right to fill in any incomplete personal data at any time.

The right of erasure of personal data represents in other words the obligation of the controller-attorney to destroy personal data that they are processing in relation to the Client – if certain terms and conditions are met, and the Client requests so.

In certain cases, the Client has the right to ask the controller-attorney to restrict the processing of their personal data. The Client has the right at any time to raise an objection against personal data processing based on legitimate interests of the controller-attorney, a third party, or when necessary to carry out a task in the public interest or exercise official authority.

The right to data portability provides the Client with the option to receive the personal data concerning him or her, which he or she has provided to a controller, in a commonly used and machine-readable format. These data can be, subsequently, transmitted to another controller, or if technically viable, the controllers can be requested to transmit the data between each other.

The right to withdraw the consent to personal data processing at any time shall not be applied as the Client’s personal data are processed because of performance under a contract entered into with the Client, not on the basis of a consent to data processing.

Should the Client be dissatisfied for whichever reason with the processing of their personal data performed by the controller-attorney, they can submit a complaint either directly to the controller, or contact the Office for Personal Data Protection.

Regarding the rights of the clients please see more information available on the website of the Office for Personal Data Protection. (