Privacy Policy

Last updated: 10 April 2026

This policy explains how ForestBit Electronics s.r.o. processes personal data when operating this website and when handling enquiries submitted through the contact form or by email.

1. Controller

ForestBit Electronics s.r.o.
Přeslova 72/25
150 00 Prague
Czech Republic
Company ID: 14303388
VAT ID: CZ14303388

Privacy contact: filip.zika@forestbit.cz

2. Scope

This policy applies in particular to:

• visitors of our website,
• people who send us a business enquiry or another message,
• contact persons acting on behalf of a customer, supplier, or other business partner.

3. What personal data we process

3.1 Data submitted in an enquiry or message

• first and last name,
• email address,
• phone number,
• company name,
• message content or project description,
• any other information you voluntarily provide.

3.2 Technical and operational data

When you visit the website, technical data may be processed, such as:

• IP address,
• device and browser information,
• date and time of the request,
• technical identifiers and strictly necessary cookies,
• security and operational logs.

We use these data only to the extent necessary for secure website operation, content delivery, protection against abuse, and troubleshooting.

4. Purposes of processing and legal bases

4.1 Handling enquiries and business communication

We use your data to:

• reply to your enquiry or question,
• continue follow-up communication,
• review the project brief,
• prepare an offer, estimate, or proposed next steps.

Legal basis:

• Article 6(1)(f) GDPR – our legitimate interest in handling business enquiries and communicating with business contacts,
• where applicable, Article 6(1)(b) GDPR if the processing is necessary to take steps at your request prior to entering into a contract or to perform a contract concluded directly with you as an individual.

4.2 Website operation, security, and technical administration

We use technical data for:

• secure website operation,
• protection against attacks, abuse, and fraudulent traffic,
• content delivery and service availability,
• diagnosing and resolving technical issues.

Legal basis: Article 6(1)(f) GDPR – our legitimate interest in the secure and proper operation of the website.

4.3 Compliance with legal obligations and protection of our rights

We may also use data for:

• compliance with legal obligations,
• accounting, tax, and contractual documentation,
• protection and defence of legal claims.

Legal basis:

• Article 6(1)(c) GDPR – compliance with a legal obligation,
• Article 6(1)(f) GDPR – our legitimate interest in protecting and defending our rights.

5. Legitimate interests relied on

Where processing is based on legitimate interests, those interests include in particular:

• responding to business enquiries and developing business relationships,
• ensuring the security of the website and IT infrastructure,
• preventing misuse of forms and services,
• protecting our rights and defending against claims.

6. Who may receive the data

We do not disclose your personal data to third parties for their own marketing purposes. However, data may be made available to our contractual service providers that support the technical operation of the website and our communications, in particular:

• EmailJS Pte Ltd / EmailJS – technical delivery of messages submitted via the contact form,
• Cloudflare, Inc. – security and network services, CDN, and abuse protection,
• GitHub, Inc. / Microsoft – website hosting and technical operation through GitHub Pages,
• Indian Type Foundry / Fontshare – if external web fonts are loaded, this provider may receive technical data related to the delivery of font files.

We only use these providers to the extent necessary to operate the website and communicate with you.

7. Transfers outside the EU/EEA

Some of our providers may process personal data outside the European Union or the European Economic Area, especially in the United States.

We rely mainly on the following safeguards:

• EmailJS – Standard Contractual Clauses approved by the European Commission,
• Cloudflare – the EU–US Data Privacy Framework where applicable to the relevant service, or Standard Contractual Clauses and supplementary measures,
• Microsoft / GitHub – the EU–US Data Privacy Framework where applicable to the relevant service, or Standard Contractual Clauses and supplementary measures.

If you would like more information about the safeguards used, or a copy of the relevant contractual transfer mechanism, please contact us at filip.zika@forestbit.cz.

8. Retention periods

We retain personal data only for as long as necessary for the purposes described above.

In general:

• enquiry and business communication data are usually retained for 3 years from the last meaningful contact,
• if a contractual relationship is established, some data may be retained longer for the duration necessary to perform the contract, comply with legal obligations, or protect legal claims,
• technical and security logs are kept for a period appropriate to the specific operational or security purpose.

9. Is providing the data mandatory?

Providing data in the contact form is voluntary. However, without the data necessary to contact you and process your enquiry, we may not be able to:

• respond to your message,
• review the brief,
• prepare an offer or propose next steps.

10. Automated decision-making and profiling

We do not carry out automated decision-making or profiling within the meaning of Article 22 GDPR under this policy.

11. Your rights

You have the right to:

• request access to your personal data,
• request rectification of inaccurate or incomplete data,
• request erasure where the legal conditions are met,
• request restriction of processing,
• object to processing based on legitimate interests,
• data portability where this right applies in the specific case (in particular where processing is automated and based on consent or a contract),
• lodge a complaint with a supervisory authority.

If any processing is based on consent, you also have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

12. How to exercise your rights

Please send your requests or privacy-related questions to filip.zika@forestbit.cz.

We will respond without undue delay and no later than within the time limits required by law.

13. Supervisory authority

You have the right to lodge a complaint with the competent supervisory authority:

Office for Personal Data Protection
Pplk. Sochora 27
170 00 Prague 7
Czech Republic
Website: www.uoou.gov.cz

14. Changes to this policy

We may update this policy from time to time, especially if the services we use, the website's technical setup, or legal requirements change. The date of the latest update will always be shown on this page.