Privacy Policy

1. Who are you?

We are Machine Learning Prague s.r.o., a company with its registered office at Cyrilská 508/7, 602 00 Brno, registered with the Regional Court in Brno under File No. C 123153. In the text below, we will refer to ourselves as the “controller” or “we”, and to yourselves as “you” or the “data subject”.

2. What is this document and what can I find here?

As we handle your personal data, we are in the position of the personal data controller under the GDPR and are required to inform you of how we process your personal data.

This document is divided into two parts:

  • in the first part, we inform you of how we process your personal data with regard to cookies every time you visit our website at https://www.mlprague.com;
  • in the second part, we advise you about the purposes for which we process the personal data, what categories of personal data we process, for what period of time, etc., and also what rights you have in this connection.

Cookies

3. What are cookies?

Cookies are basically small text files created by a website you visit, which are stored in your browser. In simple terms, cookies help us remember your preferences (e.g. language) or enable us to adapt the appearance of our website (e.g. for mobile displays).

4. What cookies do you use and for what purposes?

Besides technical cookies necessary for the operation of the website, we use Google Analytics to understand how visitors use our website. The list of analytics cookies we use and the purposes for which we use them can be found below:

CookieDomainTypeDescriptionDuration
_ga.mlprague.comAnalyticsThis cookie is installed by Google Analytics. It registers a unique ID that is used to generate statistical data on how the visitor uses the website. The information is stored anonymously.2 years
_ga_*.mlprague.comAnalyticsThis cookie is installed by Google Analytics to persist session state and count page views for the site’s analytics report.2 years

5. Can cookies be disabled?

Yes, you can. You can disable cookies and subsequently delete them in the settings of your web browser. Instructions can be found here:

Personal Data Processing

6. What are personal data?

Personal data are information related to an identified or identifiable person. In brief, personal data include all information about you that you have provided to us or that we have obtained otherwise. We provide the following examples for the purposes of this document:

Category of personal dataExample
Identification detailsName, surname, alias, login, etc.
Contact detailsTelephone number, e-mail address, etc.
Address detailsAddress of the registered office or place of residence
Payment detailsAccount number, etc.
Product detailsTicket details
Information on mutual co-operationHistory of orders or history of delivered products, etc.
Contents of communicationInformation provided to us by a data subject if the data subject sends us a message or fills in the contact form

The above categories are only examples; this does not mean that we process all the above personal data on yourselves. Quite the contrary – you will learn what personal data we gather on yourselves in the specific cases described below.

7. On what basis can you process my personal data?

The conditions under which we may process your personal data are listed directly in the GDPR. We may (and sometimes must) process your personal data on the following grounds:

  • you have given your consent to us;
  • the processing is necessary for the performance of a contract concluded between you and us or a contract we intend to conclude;
  • the processing is necessary for compliance with a legal obligation which applies to us;
  • the processing is necessary in order to protect your vital interests (or those of another natural person);
  • the processing is necessary for the performance of a task carried out in the public interest or in the exercise of an official authority vested in us;
  • the processing is necessary in view of our legitimate interests or those of a third party.

The legal grounds based on which we process your personal data can be found below, under Question 8.

8. How do you process my personal data, for how long and why?

We approach personal data processing responsibly and seriously – we therefore want to inform you as clearly as possible for what purpose we process your personal data. It is possible that not all the purposes listed below will apply to you and you thus need not worry if some of the purposes mentioned here appear to make no sense in your case:

If you buy tickets to conference

PurposeExtent of processingLegal groundDuration of data processing
Conclusion and performance of a contract (conference or workshop), including the related communication regarding its performanceIdentification details; Contact details (e-mail address); Product details; Payment details; Information on mutual co-operationPrecondition for the performance of a contractDuring the term of mutual co-operation (contractual relationship) and then for a period of 3 years after the termination of the co-operation (and basic details on this relationship for a period of 10 years)
Contacting you with an offer of services and products, including discountsIdentification details; Contact details (e-mail address); Address; Information on mutual co-operationLegitimate interest of the controllerDuring the term of mutual co-operation (contractual relationship) and then for a period of 3 years after the termination of the co-operation. Every marketing e-mail contains an unsubscribe link that allows you to opt out of further offers at any time.

If you contact us

PurposeScope of processingLegal groundDuration of data processing
Answering questions and mutual communicationIdentification details; Contact details (e-mail address); Contents of communicationLegitimate interest of the controllerFor a period of one year from answering the question, or within one year of the last communication

It should be noted that without personal data you provide to us, we are unable to communicate with you regarding your inquiry or to answer your question. If we decide to enter into a contract, we need personal data for its performance.

9. Who has access to my personal data?

We do all we can to protect your personal data. In the vast majority of cases, we (and possibly our employees and persons in a similar position) are the only ones to have access to the data. In some specific cases, we might, however, appoint another person to process personal data for us; in that case, we have concluded the relevant contracts with the processors.

We denote all these persons as recipients and list the categories of recipients below:

RecipientReason for disclosure
Amazon Web Services (AWS)Our website, database and e-mail delivery run on AWS infrastructure located in the European Union
GoPay s.r.o.Payment gateway provider – processes your payment details when you pay for the tickets by card
PayPal (Europe) S.à r.l. et Cie, S.C.A.Payment service provider – processes your payment details when you pay for the tickets via PayPal
Fakturoid s.r.o.Invoicing service – used to issue invoices for your orders
Google (Google Analytics)Analytics service – helps us understand how visitors use our website
Website operator, software providersThese persons look after our website and can thus gain random access to personal data or provide us other software
Volunteers and co-organizersThese persons help us with the organization of the conference
Legal and tax (accountant) advisorsSometimes, we need legal or tax advisors to look into information about legal relations between us and you
Workshop providersIf you attend workshop, we need to share some basic information with the workshop lecturer

10. What rights do I have?

GDPR naturally provides you with various rights which you can exercise depending on the legal basis for our processing of your personal data. To make things easier for you, we therefore provide the following table, which will help you determine which rights you can exercise and which you cannot (given that not all the legal grounds are relevant, we mention only those which can apply):

Right to:ConsentPerformance of a contractCompliance with a legal obligationLegitimate interest
accessYesYesYesYes
rectificationYesYesYesYes
erasureYesYesYesYes
restrictionYesYesYesYes
portabilityYesYesNoNo
objection to processingNoNoNoYes
revocation of consentYesNoNoNo
lodging a complaint with the OfficeYesYesYesYes

Further conditions regarding when and how you can exercise the given rights can be found in the following part.

10.1. Right of access

You have the right to obtain a confirmation from us as to whether or not we process your personal data. If we process your personal data, you have the right to access the personal data being processed and, at the same time, the right to obtain a copy of such personal data.

10.2. Right to rectification

We strive to process only up-to-date information about you and erase any incorrect information, following their rectification. However, this does not prevent you from asking us to rectify personal data that are no longer up-to-date or are incorrect.

10.3. Right to erasure (“right to be forgotten”)

If we no longer require your personal data, we will erase them immediately. However, this in no way affects your right to have your personal data erased (or rendered anonymous) without delay based on any of the following reasons:

  • the personal data are no longer required for the above purposes;
  • you withdraw your consent to personal data processing;
  • you raise an objection regarding a legitimate interest and we come to the conclusion that this legitimate interest does not override your rights (in the case of marketing purposes based on a legitimate interest, we will erase these data immediately);
  • the processing has been unlawful;
  • we are required to erase the data based on the laws of the Czech Republic or European Union law.

However, this right is not absolute. In some cases, we need not/must not erase your personal data – this is so in the following cases, where processing is necessary:

  • for exercising the right of freedom of expression and information;
  • for complying with a legal obligation;
  • for reasons of a public interest in the area of public health;
  • for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes;
  • for the establishment, exercise or defence of legal claims.

However, it is quite possible that none of the above cases will become relevant, and so you need not worry that we would not erase your personal data.

10.4. Right to restriction of processing

At the same time, you have the right to claim that we restrict personal data processing in one of the following cases:

  • you contest the accuracy of your personal data – for a period necessary to verify their accuracy;
  • the processing is unlawful, and you oppose the erasure of the personal data and request the restriction of their use instead;
  • we no longer need the personal data for the purposes of the processing, but you require us to store them for the establishment, exercise or defence of legal claims;
  • you raise an objection regarding a legitimate interest – until the objection is evaluated as to its justification.

10.5. Right to portability

Although this might seem odd at first sight, if we process your personal data by automated means and the processing is based on consent or necessity for the performance of a contract, you have the right to “portability”. The right to portability guarantees that we will transmit the data you have provided to us in a commonly used and machine-readable format, either to you or to another data controller identified by you.

10.6. Right to object to processing based on a legitimate interest

If we process your personal data on the basis of a legitimate interest, you have the right to raise a justified objection against such processing. In cases where data are being processed for the purposes of direct marketing, you need not justify your request and we will immediately cease processing your personal data, in line with the GDPR.

In other cases, we have the right to review your objection and assess whether your rights override our legitimate interest.

10.7. Right to withdraw consent

If we process your personal data on the basis of your consent, you naturally have the right to refuse the consent and withdraw it at any time. In that case, we will not continue with the processing and, if the law does not prevent us from doing so, we will erase your personal data.

However, if we simultaneously process your personal data based on some other legal ground, we are not required (and sometimes not even allowed) to erase the personal data.

10.8. Right to lodge a complaint with the Office for Personal Data Protection

If you believe that we are processing your personal data unlawfully, you naturally have the right to lodge a complaint with the supervisory authority, specifically the Office for Personal Data Protection (www.uoou.cz).

11. How can I exercise my rights?

You can exercise your rights easily by sending an e-mail to info@mlprague.com. Please note that we first have to verify your identity.

12. Will you take photographs?

Probably yes. During the Conference, we (or persons authorised by us) take photographs and video recordings for the purpose of documenting and promoting the Conference. The legal basis for this processing is our legitimate interest. The recordings are not used for the purpose of your identification. If you do not wish to appear in a photograph or recording, please let the photographer know, or contact us; you also have the right to object to this processing (see Question 10.6).

13. Do you transfer my personal data outside the EU?

We store your personal data within the European Union – our website, database and e-mail infrastructure run in EU regions of Amazon Web Services. Some of our service providers (e.g. Amazon Web Services, Google) are companies based in the USA; where access to personal data from outside the EU could occur, it is safeguarded by the European Commission’s Standard Contractual Clauses or an adequacy decision (such as the EU–US Data Privacy Framework).

14. Do you use automated individual decision-making in the processing?

No.

15. Since when is this document binding on me?

From 1 July 2026.