We are Blockchain Legal, a law firm specializing in providing services to entrepreneurs and individuals, with a particular focus on innovative and technological sectors. We recognize that privacy is important to our clients, and our collaboration requires mutual trust. Confidentiality is therefore key to our operations.

Providing legal services to our clients and carrying out our other activities involves the exchange of information, documents, and various records. Therefore, we would like to inform you about how we process personal data within our law firm in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR).

Who Manages Your Personal Data?

The data controller is Blockchain Legal, advokátní kancelář s. r. o., through which we provide legal services in accordance with the law on advocacy. The controller determines the purposes of processing and is responsible for processing personal data. From a legal perspective, the controller is also the entity responsible for ensuring compliance with data protection laws. Below are our full company details:

Blockchain Legal, advokátní kancelář s. r. o.

Registered in the Commercial Register maintained by the Municipal Court in Prague under file number C 279720

How Do We Process Personal Data?

The processing of personal data is a term used in legal regulations to protect privacy. But what does it actually mean, and what constitutes personal data?

Simply put, personal data includes any information relating to a specific individual. Processing of personal data refers to all activities involving such data, including its storage.

Processing personal data is an integral part of many routine activities. In what situations do we process your personal data? Let’s take a look.

If You Are Our Client or Request Our Services

Providing legal services is a complex activity that inevitably involves processing a wide range of your personal data.

To properly provide the services you request, we need to communicate with you, work with the information you provide, interact with other parties (such as opposing parties, courts, and authorities), process documents and information from third parties, and produce the required legal outputs.

These core activities are accompanied by other tasks such as bookkeeping, maintaining legal case files, and other internal processes within our firm. In specific cases, we are also legally obliged to verify your identity and conduct due diligence under anti-money laundering regulations.

If You Visit Our Website

Our website operates on a modern platform that uses cookies and related technologies. Some technical information must be processed and stored in your browser to ensure proper website functionality. Other data is processed to measure marketing campaign effectiveness, website traffic, and to enhance the user experience. You can choose to decline analytical and marketing cookies when visiting our website. More details about cookies can be found in a dedicated section below.

If You Are Our Business Partner or Supplier

If you are one of our business partners, suppliers, or collaborate with us in any way, we process your personal data to the extent necessary for our business relationship. We typically enter into a contract that governs our cooperation, and data processing takes place within the scope of that agreement. We usually process mutual communication, information on performance and payments, and other relevant business-related data.

If Your Data Is Involved in a Case We Handle

When providing legal services to our clients, we may process data of third parties. This data is subject to our legal duty of confidentiality, just like client data. We process such data in connection with handling client cases based on their legitimate interest.

You Contacted Us or We Contacted You

If we start communicating outside of the above-mentioned cases (for example, if you reach out to us with a general inquiry via email), we need to process the data that arises from such communication.

Access to Personal Data

Like any modern company, we use a range of outsourced services in our operations. To properly provide some of these services, their providers may need to engage in the processing of personal data to a certain extent, depending on the specific service. Our suppliers, partners, and other collaborators always have access only to the personal data necessary to deliver the specific service and only to the extent required. When selecting service providers, we also consider how they handle the provided data, striving to ensure maximum security for the processed information.

The main categories of entities involved in the processing of personal data include:

• Providers of technical IT services, including infrastructure (hosting service providers and various IT tools),

• Accountants, legal, and tax advisors,

• Providers of online analytics tools (as specified in the cookies section below),

• External collaborators, including other lawyers, translators, and specialized service providers.

A special category of collaborators includes our permanently cooperating attorneys, whose current list can be found on our website or on the website of the Czech Bar Association (https://www.cak.cz/firma-detail/340f9852-507b-e711-80d7-00155d642329). We also cooperate with JUDr. Tomáš Elbert, attorney reg. no. 16037, and Mgr. Bc. Pavel Urbaczka, attorney reg. no. 16329.

Our main IT technology providers include Proton AG (email and other tools – https://proton.me/legal/privacy) and Single Case, s.r.o. (law firm information system – https://www.singlecase.com/), whereas we particularly value both providers for their approach to secure data storage, including thorough encryption. Under standard conditions, employees of these providers do not have access to the content of processed data.

The security of personal data with our suppliers is ensured through their contractual obligations, including confidentiality agreements. In cases where data is transferred to locations outside the European Union, we provide additional protection through contracts based on Standard Contractual Clauses (SCCs) approved by the European Commission or other legal instruments in compliance with applicable regulations.

Cookies

What Are Cookies?

Our website uses cookies. Cookies are small data files stored on your device by the websites you visit. They are widely used to ensure the proper functioning of websites or to enhance their efficiency, as well as to provide information to website operators. Cookies are not harmful to your device or its software.

Essential Technical Cookies

Our website uses cookies to ensure its proper functionality and to secure the operation of the website. These cookies are necessary for the proper provision of services and do not require your consent for storage. They primarily include cookies for session storage and user settings (e.g., language preferences). If these cookies are blocked in your browser settings, the offered services may not function correctly or may not be available at all.

Analytical and Marketing Cookies

Our website also uses third-party services for traffic analytics and advertising campaign effectiveness, which rely on cookies. These cookies are stored only with the user’s consent, expressed through the cookie settings panel displayed when entering the website.

Cookies Used

Google - Analytics and Ads

Our website uses standard tools from Google to analyze website traffic and advertising campaign effectiveness. Google Analytics collects data from cookies or other website elements to analyze website usage. Google Ads collects data about the effectiveness of Google advertisements. The information stored in cookies (including IP addresses) will be shared with Google and stored on Google’s servers. All such collected data will be processed pseudonymously and used for analytical purposes related to website traffic. For more information, you can visit the following links:

• Ochrana soukromí

• Information on Google's use of cookies,

• Information about specific Google cookies,

• To opt out of Google Analytics processing, visit this page

Squarespace

Our website is built on the Squarespace platform. Squarespace uses cookies both to ensure website functionality and to analyze traffic and user behavior on the website. For more information, you can visit the following links:

• Squarespace – Privacy Policy

• Squarespace – The cookies Squarespace uses

YouTube

YouTube is used to display selected content on our website. Information stored in cookies about website usage (including IP addresses) will be shared with Google and stored on Google’s servers. All such collected data will be processed anonymously and used for analysis by website administrators. For more information, visit the following link:

• Privacy Policy

Microsoft Advertising

As part of promoting our services, we use Microsoft’s advertising services. To measure the effectiveness of advertising campaigns within the Microsoft advertising network, our website utilizes Universal Event Tracking (UET), a technology primarily used for tracking conversions (a tool that reports what happens after a customer interacts with an ad).

• Microsoft Privacy Policy,

• Cookies used and more information on Microsoft UET.

LinkedIn Advertising

We also use LinkedIn's advertising services to promote our services. To measure the effectiveness of advertising campaigns on LinkedIn, our website uses cookies from this platform, mainly for conversion tracking.

• LinkedIn Privacy Policy,

• LinkedIn Cookie Policy,

• List of cookies used by LinkedIn

Meta

Our website also uses the Meta Pixel service to analyze the effectiveness of advertising within the Meta advertising network. This service is provided by Meta (formerly Facebook).

• More information about Meta cookies,

Managing Cookies

You can configure your browser to reject all cookies or only specific ones. Instructions for adjusting browser settings can typically be found in your browser's help section. If you reject all cookies, some website features may not function properly.

After visiting a website, you can also delete all stored cookies from your browser to maximize your privacy.

Your Rights

In connection with the processing of your personal data, you have the following rights: (1) the right to access your personal data, (2) the right to rectification of inaccurate personal data, (3) the right to restriction of processing, (4) the right to erasure of personal data, (5) the right to object to the processing of personal data, (6) the right to withdraw consent, (7) the right to data portability, and (8) the right to lodge a complaint with a supervisory authority.

If you make a GDPR request, then we may need to verify your identity and we are entitled to request additional information before we can process it properly.

If we process your personal data in connection with the provision of legal services to our clients, your rights are generally limited. We are legally required to maintain attorney-client confidentiality and retain documentation related to legal services, and therefore, we are usually unable to comply with your requests under the GDPR.

The Right to Access Personal Data

In connection with the processing of personal data, you have the right, upon request, to receive information about the processing of your personal data and to obtain a copy of the processed personal data.

The Right to Rectification

If you believe that your personal data is inaccurate, outdated, or otherwise incorrect, you can contact us, and we will ensure the necessary correction.

The Right to Restrict Processing

In cases where the processed data is inaccurate or you have raised an objection, you have the right to request a restriction on processing.

During the restriction period, personal data will only be stored and no operations will be performed on them without your consent. The restriction on processing lasts for as long as one of the above-mentioned situations applies (e.g., the assessment of an objection or until the correction is made). You will be informed of any termination of the restriction.

The Right to Erasure

If you withdraw your consent for the processing of personal data or if the personal data is no longer necessary, you have the right to request the erasure of such personal data.

However, in some cases, the right to erasure is limited. For example, personal data processed based on legal obligations cannot be erased before the legally mandated retention period expires.

The Right to Object

You may submit a justified objection to the processing of personal data based on legitimate interest or for direct marketing purposes. The legitimacy of the objection will be assessed, and you will be informed of the decision via your chosen contact method.

The Right to Withdraw Consent to Data Processing

If your personal data is processed based on your consent, you may withdraw this consent at any time.

The Right to Data Portability

If the personal data you have provided is processed automatically in connection with contract performance or based on your consent, you have the right to receive it in a structured, machine-readable format.

The Right to File a Complaint with a Regulatory Authority

If you believe that your personal data is not being handled in accordance with the law, you have the right to contact the relevant supervisory authority in your place of residence, place of work, or where the violation of your rights occurred. In the Czech Republic, the supervisory authority is the Office for Personal Data Protection.

Changes to the Privacy Policy

We reserve the right to modify this privacy policy as needed in response to changes in data processing conditions. Any updates will be published on our website.

Contact Information

If you have any questions or you wish to exercise any of the above rights, you can contact us at: