Přeskočit na obsah

GDPR

GDPR & Personal Data Protection

Last updated: 1.5.2026

This Privacy Policy explains how Jana Affum collects, uses, stores and protects personal data when you visit this website, contact us, use our recruitment or coaching services, apply for a role, communicate with us as a candidate, client, partner, agency or website visitor.

We process personal data in accordance with the General Data Protection Regulation — Regulation (EU) 2016/679 — and applicable Czech and European data protection laws.

1. Data Controller

The data controller responsible for the processing of personal data is:

Jana Affum
Business ID: 13956248
VAT ID: CZ8952264651
Registered office: tř. Dukelských hrdinů 3789/84, 695 01 Hodonín, Czech Republic
Registered in the Czech Trade Licensing Register
Email: info@janaaffum.com

For all privacy-related questions, requests or complaints, you can contact us at:

[insert GDPR/privacy email]

2. Who This Privacy Policy Applies To

This Privacy Policy applies to:

  • website visitors,
  • candidates and job applicants,
  • potential candidates contacted through sourcing activities,
  • clients and prospective clients,
  • business partners,
  • recruitment agencies and cooperation partners,
  • coaching clients,
  • people who contact us through the website, email, LinkedIn, phone, calendar booking tools or other communication channels.

3. What Personal Data We Process

The type of personal data we process depends on your relationship with us.

3.1 Website Visitors

When you visit this website, we may process:

  • IP address,
  • browser type and version,
  • device type,
  • operating system,
  • approximate location based on technical data,
  • pages visited,
  • date and time of access,
  • cookie preferences,
  • analytics data, if you provide consent.

3.2 People Who Contact Us

If you contact us through a form, email, LinkedIn, phone or booking tool, we may process:

  • name and surname,
  • email address,
  • phone number,
  • company name,
  • job title,
  • message content,
  • information about your request,
  • communication history,
  • meeting details.

3.3 Candidates and Potential Candidates

If you are a candidate or potential candidate, we may process:

  • name and surname,
  • contact details,
  • LinkedIn profile or other professional profile,
  • CV or résumé,
  • current and previous job positions,
  • professional experience,
  • education,
  • technical skills,
  • language skills,
  • seniority level,
  • location and relocation preferences,
  • salary expectations,
  • availability,
  • interview notes,
  • communication history,
  • career preferences,
  • information shared during recruitment discussions,
  • publicly available professional information relevant to recruitment.

We do not intentionally collect special categories of personal data unless you voluntarily provide such information and it is necessary for a specific lawful purpose.

3.4 Clients, Agencies and Business Partners

If you are a client, agency partner or business partner, we may process:

  • name and surname,
  • company name,
  • job title,
  • work email,
  • phone number,
  • billing information,
  • contract information,
  • communication history,
  • project details,
  • recruitment requirements,
  • business cooperation details.

3.5 Coaching Clients

If you use coaching services, we may process:

  • name and surname,
  • contact details,
  • session booking details,
  • communication history,
  • coaching goals,
  • notes necessary for the provision of coaching services.

Coaching services are not psychological, psychiatric, medical or psychotherapeutic care and do not replace professional healthcare services.

4. How We Collect Personal Data

We may collect personal data:

  • directly from you when you contact us,
  • through website forms,
  • through email or phone communication,
  • through LinkedIn or other professional platforms,
  • during recruitment, sourcing or coaching communication,
  • from publicly available professional sources,
  • from recruitment agencies, clients or business partners,
  • from CVs, professional profiles or documents you provide,
  • from calendar booking tools or communication tools,
  • through cookies and similar technologies, where applicable.

5. Why We Process Personal Data

We process personal data for the following purposes:

5.1 Recruitment and Executive Search

We process candidate data to:

  • identify suitable candidates,
  • assess professional experience and skills,
  • communicate with candidates,
  • present relevant candidates to clients,
  • arrange interviews,
  • support the hiring process,
  • maintain a candidate database,
  • manage recruitment projects,
  • provide replacement or follow-up recruitment services.

5.2 Client and Business Communication

We process client and partner data to:

  • respond to enquiries,
  • prepare proposals,
  • provide recruitment or consulting services,
  • communicate about projects,
  • manage contractual relationships,
  • issue invoices,
  • maintain business records.

5.3 Coaching Services

We process coaching client data to:

  • schedule sessions,
  • communicate with clients,
  • provide coaching services,
  • manage payments and administration,
  • maintain basic service records.

5.4 Website Operation and Security

We process technical data to:

  • operate this website,
  • ensure website security,
  • prevent misuse,
  • analyse website performance,
  • improve user experience,
  • manage cookie preferences.

5.5 Legal and Administrative Obligations

We process certain data to:

  • comply with accounting and tax obligations,
  • comply with legal requirements,
  • protect our legal claims,
  • respond to lawful requests from public authorities.

6. Legal Bases for Processing

We process personal data based on one or more of the following legal bases:

6.1 Performance of a Contract

We process data when it is necessary to provide services, communicate about a contract or take steps before entering into a contract.

This applies mainly to clients, agencies, business partners and coaching clients.

6.2 Legitimate Interest

We may process personal data based on legitimate interest, especially for:

  • recruitment and sourcing,
  • communication with potential candidates,
  • business communication,
  • maintaining client and candidate relationships,
  • protection of legal claims,
  • website security,
  • B2B marketing communication where legally permitted.

When we rely on legitimate interest, we always consider whether your rights and freedoms override our interest.

6.3 Consent

We process personal data based on consent when required, for example:

  • non-essential cookies,
  • marketing communication where consent is required,
  • storing candidate data for future opportunities beyond the original recruitment purpose,
  • publication of testimonials, photos or identifiable references.

You can withdraw your consent at any time.

6.4 Legal Obligation

We process personal data when required by law, for example for accounting, tax or legal compliance purposes.

7. Candidate Privacy Notice

This section applies specifically to candidates and potential candidates.

We may process your professional data to assess your suitability for current or future job opportunities. This may include data obtained directly from you, from your CV, LinkedIn profile, public professional sources, client referrals or recruitment partners.

We may share your professional profile with clients only when it is relevant to a recruitment process. Where appropriate, we will inform you before presenting your profile to a client.

We do not sell candidate data.

You may contact us at any time to:

  • ask what data we hold about you,
  • request correction of inaccurate data,
  • object to processing,
  • request deletion of your candidate profile,
  • limit future contact,
  • withdraw consent where processing is based on consent.

8. Use of AI and Automated Tools in Recruitment

We may use digital tools, recruitment software or AI-assisted tools to support recruitment activities, for example:

  • organising candidate information,
  • matching skills with job requirements,
  • improving search efficiency,
  • summarising professional information,
  • preparing recruitment notes,
  • supporting communication and workflow management.

AI-assisted tools are used only as support tools. Final recruitment decisions, candidate recommendations and client communication involve human review.

We do not make final hiring decisions solely by automated means.

Candidates may request human review or clarification regarding how their data was used in the recruitment process.

We aim to use AI tools responsibly, transparently and in a way that respects privacy, fairness and non-discrimination.

9. Cookies and Similar Technologies

This website may use cookies and similar technologies.

Cookies are small files stored on your device that help the website function properly, improve user experience and, with your consent, provide analytics or marketing insights.

9.1 Types of Cookies We May Use

Strictly necessary cookies
These cookies are required for the basic operation of the website and cannot usually be disabled.

Analytics cookies
These cookies help us understand how visitors use the website. They are used only with your consent where required.

Marketing cookies
These cookies may be used to measure advertising performance or personalise content. They are used only with your consent.

Third-party cookies
Some tools, such as analytics, embedded content, booking systems or social media integrations, may use third-party cookies.

9.2 Cookie Consent

Where required by law, we ask for your consent before using non-essential cookies.

You can accept, reject or manage cookie preferences through the cookie banner or cookie settings available on the website.

You may withdraw or change your consent at any time.

10. Who We May Share Personal Data With

We may share personal data with the following categories of recipients where necessary:

  • clients involved in recruitment projects,
  • recruitment agencies and cooperation partners,
  • IT and hosting providers,
  • email and communication service providers,
  • CRM or recruitment software providers,
  • calendar and booking tool providers,
  • cloud storage providers,
  • accounting and tax advisors,
  • legal advisors,
  • public authorities where legally required.

We only share personal data to the extent necessary for the relevant purpose.

11. International Data Transfers

Because we may work with international clients, candidates, agencies and digital service providers, personal data may be transferred outside the Czech Republic and, in some cases, outside the European Economic Area.

Where personal data is transferred outside the EEA, we take appropriate safeguards, such as:

  • using service providers located in countries with adequate protection,
  • relying on Standard Contractual Clauses where required,
  • limiting the scope of transferred data,
  • using trusted professional tools and platforms,
  • applying appropriate security measures.

12. How Long We Keep Personal Data

We keep personal data only for as long as necessary for the purpose for which it was collected.

Typical retention periods may include:

  • website contact enquiries: up to 12 months,
  • business communication: for the duration of cooperation and a reasonable period afterwards,
  • accounting and tax records: according to legal retention periods,
  • candidate data for a specific recruitment process: for the duration of the recruitment process and a reasonable follow-up period,
  • candidate data for future opportunities: only with consent or where another lawful basis applies,
  • coaching client records: for the duration necessary to provide services and manage administration,
  • legal claims: for the period necessary to protect or defend legal rights.

When personal data is no longer needed, we delete or anonymise it.

13. Data Security

We take reasonable technical and organisational measures to protect personal data against:

  • unauthorised access,
  • loss,
  • misuse,
  • alteration,
  • disclosure,
  • destruction.

These measures may include password protection, access control, secure communication tools, limited access to data, regular review of stored information and use of trusted service providers.

However, no method of online transmission or electronic storage is completely secure. We therefore cannot guarantee absolute security.

14. Your Rights Under GDPR

You have the following rights regarding your personal data:

Right of Access

You can ask us whether we process your personal data and request a copy of such data.

Right to Rectification

You can ask us to correct inaccurate or incomplete personal data.

Right to Erasure

You can ask us to delete your personal data where legally possible.

Right to Restriction of Processing

You can ask us to restrict the processing of your personal data in certain situations.

Right to Object

You can object to processing based on legitimate interest, including certain recruitment or marketing activities.

Right to Data Portability

Where applicable, you can request your data in a structured, commonly used and machine-readable format.

Right to Withdraw Consent

If processing is based on consent, you may withdraw your consent at any time.

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority.

In the Czech Republic, the supervisory authority is:

Office for Personal Data Protection
Úřad pro ochranu osobních údajů
Pplk. Sochora 27
170 00 Prague 7
Czech Republic

Website: uoou.gov.cz

15. Marketing Communication

We may send business or marketing communication where legally permitted, especially in relation to our services, professional content, recruitment cooperation or business updates.

You can unsubscribe from marketing communication at any time by using the unsubscribe link, replying to the message or contacting us directly.

We do not sell personal data for marketing purposes.

16. Testimonials and References

We may publish testimonials, client feedback or references only where we have a lawful basis to do so.

If a testimonial includes your name, position, company or other identifiable information, we will use it only with your consent or another appropriate legal basis.

You may request removal or modification of your testimonial at any time.

17. Links to Third-Party Websites

This website may contain links to third-party websites, platforms or services, such as LinkedIn, booking tools, client websites or external resources.

We are not responsible for the privacy practices, content or security of third-party websites.

We recommend that you read the privacy policies of any external websites you visit.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, technologies or business processes.

The latest version will always be available on this website.

The date of the latest update is shown at the top of this page.

19. Contact

If you have any questions about this Privacy Policy or the processing of your personal data, please contact us at:

Jana Affum
Email: info@janaaffum.com
Registered office: tř. Dukelských hrdinů 3789/84, 695 01 Hodonín, Czech Republic