Love production s.r.o., with its registered office at Revoluční 3810, Frýdek, 73801, Frýdek-Místek, registered in the Commercial Register maintained by the Regional Court in Ostrava, Section C, File 58572 (hereinafter also referred to as the “Controller” or “We”), as the controller of personal data, informs you, if you have created a LoveID and/or purchased a ticket for an Event through the ENIGOO platform, as a user of the website www.stoun.cz, www.b4l.cz, (“website”) informs you, within the meaning of Article 13 of Regulation (EU) No. 2016/679 of the European Parliament and of the Council, the so-called General Data Protection Regulation (hereinafter referred to as the “Regulation”), about the processing of your personal data. These principles supplement the Terms and Conditions and Complaints Procedure of Love production s.r.o.
Further on in the text, you will find out especially:
1. What personal data we will process;
2. what purposes and in what manner we will process your personal data;
3. To whom your personal data may be transferred;
4. How long will we process your personal data and
5. What are your rights in relation to the protection of your personal data?
If you need any part of the text explained, advice, or to discuss further processing of your personal data, you can contact us at any time at the following email address: info@b4l.cz.
1. PURPOSE, LEGAL BASIS, SCOPE, AND DURATION OF PERSONAL DATA PROCESSING
1.1. We will process your personal data for the following purposes and on the following legal bases:
1.1.1. Creation and management of LoveID (Article 6 (1)(b) of the Regulation) – processing is necessary for the performance of a contract to which the data subject is party (contract for the creation and management of LoveID), to the extent of identification and contact details, for the duration of LoveID;
1.1.2. sale of tickets for Events via the Website (Article 6(1)(b) of the Regulation) – processing is necessary for the performance of a contract to which the data subject is party (purchase contract for the sale of tickets), to the extent of identification and contact details, for a period from the purchase of the ticket until 4 weeks after the end of the Event;
1.1.3. payment of ticket prices for Events (Article 6(1)(b) of the Regulation) – processing is necessary for the performance of a contract to which the data subject is party (recording of ticket price payments), to the extent of identification and other data (such as the amount and date of payment, identification of specific tickets paid for), for the duration of the storage of information on ticket sales;
1.1.4. handling claims related to ticket sales, complaints (Article 6(1)(f) of the Regulation – processing is necessary for the purposes of the legitimate interests pursued by the controller, consisting in the need to handle complaints and defend against claims related to ticket sales, to the extent of identification and contact details and details of the tickets subject to complaint, for the period during which claims from complaints can be asserted, at most until the expiry of the limitation period under the law;
1.1.5. recording of data on tickets sold (Article 6(1)(c) Regulation – processing is necessary for compliance with a legal obligation to which the controller is subject (Act No. 563/1991 Coll. on Accounting, Act No. 235/2004 Coll. on VAT) in the scope of identification and contact details and ticket details, for the period specified by the aforementioned legal regulations (3 and 5 years);
1.1.6. marketing purposes for sending newsletters and other information (Article 6(1)(f) of the Regulation) – processing is necessary for the purposes of the legitimate interests pursued by the administrator, consisting in the performance of direct marketing to existing customers (buyers who have concluded a purchase contract with us), to the extent of address data (e-mail address), until the data subject unsubscribes.
1.1.7. marketing purposes in other cases (Article 6(1)(a) of the Regulation) – processing for which the data subject has given consent, to the extent of address details (e-mail address), for the period until the consent is cancelled, but no longer than 3 years from the date of giving consent;
Cookies on websites (Article 6(1)(a) of the Regulation) Processing for which the data subject has given consent, to the extent and in the manner specified in Article 4 of this document.
2. Recipients of personal data
2.1. Personal data processed within the scope of the above-mentioned processing activities are only transferred to entities that are in the position of personal data processors and that provide us with services necessary for the operation of websites, ticket sales, organization of Events, and fulfillment of legal obligations, such as:
– provider of the ENIGOO platform for ticket sales;
– service provider processing the payment as a personal data processor + as an independent personal data controller;
– providers of server, web, cloud, or IT services;
– external legal, accounting, and tax advisors, bound by confidentiality obligations.
2.2. A contract for the processing of personal data within the meaning of Article 28(3) of the Regulation has been concluded with all processors.
2.3. Beyond the scope of personal data processing activities in their capacity as processors, these entities may also process buyers’ personal data for other purposes that they themselves determine. In the context of such processing, they are in the position of independent personal data controllers, and in such cases, the processing is governed by the separate terms and conditions of these entities. (https://www.enigoo.cz/assets/dokumenty/cs/ENIGOO_GDPR.pdf).
3. Obligation and voluntary nature of providing personal data
3.1. The purchase of tickets and participation in Events are voluntary, unless required by law. However, in order to purchase a ticket, it is necessary for you to provide personal data to the extent specified in this document, as without it we are unable to issue and provide you with a valid ticket and fulfill our obligations under the purchase agreement.
4. Consent to the processing of personal data
4.1. In the case of processing activities that we process based on your consent, consent must always be given before processing begins, and must be given explicitly and actively, in a recordable manner.
4.2. Consent that has been given may always be cancelled in a manner that results from the specific processing activity (in the case of marketing newsletters, by unsubscribing from the newsletters; in the case of cookies, by disabling cookies in the relevant settings). Revocation of consent does not affect the lawfulness of processing based on consent given prior to its revocation.
4.3. If you give us your consent on the website, we will also process the personal data you provide, including your purchase history, for the following purposes:
– conducting marketing analyses and statistics, including profiling;
– commercial communications relating to our services and goods and the goods and services of our partners to your email address, taking into account your purchases, preferences, or otherwise tailored to select goods and services that best suit your needs;
– use of personal data provided to us by Facebook if you log in via this social network, to the extent specified in your settings, for the purposes listed above.
– targeting advertisements on Google and Facebook social networks based on your behavior and preferences on our Website and, for this purpose, transferring data about your behavior to the operators of these social networks.
4.4. Cookies
4.4.1. Cookies are small files in your browser that are used to store and receive identifiers and other information about computers, phones, and other devices from which you access the Website, helping us to provide, protect, and improve the services we offer.
4.4.2. The use of cookies allows us to offer you the services and products that best suit your needs and interests. We may use cookies that allow us to identify that you specifically visited a particular page.
4.4.3. Cookies enable us to record information about your visit to the Website, making your next visit easier and faster (for example, cookies help reduce page loading times).
4.4.4. We use cookies when you visit our website, most often to customize content, collect anonymous statistics on traffic, select relevant advertisements, and facilitate a more secure login.
4.4.5. We use two types of cookies on the Website:
– Session cookies: These cookies are temporary. They are stored in your browser’s cookie file only until you close your browser. These cookies are necessary for the proper functioning of the Website or associated applications.
– Persistent cookies: We may use these cookies to make your experience on the Website easier and more convenient (for example, simpler and faster navigation). These cookies remain in your browser’s cookie file for a longer period of time. The length of this period depends on your browser settings. Persistent cookies allow information to be transferred to the web server each time you visit the Website.
4.4.6. You can refuse cookies in your web browser settings, or set up the use of only some of them. If you do not allow the use of cookies, some features may not work as they should.
4.4.7. You can find the privacy settings on your computer, where you can refuse or disable the use of cookies, in the menu of your internet browser.
4.5. In connection with our website, we use the Google Analytics tool, which allows us to measure traffic, its types, time spent on the website, and search terms. However, we do not provide Google with any information that could identify you, and no processing of your personal data takes place within this tool. You can read about how Google Analytics works at: https://policies.google.com/privacy/partners?hl=cs.
5. Taking video/visual recordings to ensure compliance with certain obligations
5.1. In order to ensure compliance with the prohibition on transferring identification chips or wristbands to third parties, we are entitled to take a photograph of your face when issuing the chip. This photograph is temporarily stored in a separate database, where it is paired only with a specific chip/wristband and cannot be identified in any way with a specific ticket or specific data about a natural person. Your consent is not required for the taking of these photographs within the meaning of Section 88(1) of Act No. 89/2012 Coll., the Civil Code, as it is necessary to protect our legally protected interest in preventing the unauthorised transfer of admission means to non-paying persons.
5.2. Each time you pass through the access system, your appearance is automatically compared with the photograph taken when the chip/wristband was issued in order to verify that the chip/wristband is still being worn by the person to whom it was issued. If a discrepancy is found, a manual check is performed in the presence of an authorized person.
5.3. All photos taken for this purpose will be permanently deleted no later than 24 hours after the end of the Event. No records are stored regarding the automated comparison of photos.
6. Information about your rights under Articles 12, 15 to 22 of the Regulation
6.1. You have the following rights in relation to our processing of your personal data:
– the right to access personal data;
– right to rectification;
– the right to deletion (“right to be forgotten”);
– the right to restrict data processing;
– the right to portability;
– the right to object to processing; and
– right to submit a complaint regarding the processing of personal data.
6.2. rights are explained below so that you can get a clearer idea of their content.
6.2.1. The right of access means that you can ask us at any time to confirm whether or not personal data concerning you is being processed, and if so, for what purposes, to what extent, to whom it is disclosed, how long we will process it, whether you have the right to rectification, erasure, restriction of processing, or objection, where we obtained the personal data, and whether your personal data is used for automated decision-making, including profiling. You also have the right to obtain a copy of your personal data, with the first provision being free of charge and subsequent provisions subject to a reasonable fee to cover administrative costs.
6.2.2. The right to rectification means that you can ask us at any time to correct or complete your personal data if it is inaccurate or incomplete.
6.2.3. The right to deletion means that we must delete your personal data if (i) it is no longer necessary for the purposes for which it was collected or otherwise processed, (ii) the processing is unlawful, (iii) you object to the processing and there are no overriding legitimate grounds for the processing, or (iv) we are required to delete it by law.
6.2.4. The right to restriction of processing means that until we resolve any disputed issues regarding the processing of your personal data, we must restrict the processing of your personal data so that we can only store it and, if necessary, use it for the purpose of determining, exercising, or defending legal claims.
6.2.5. The right to portability means your right to obtain personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format, and the right to transmit those data to another controller without hindrance from us, where the processing is based on your consent or on the performance of a contract and where the processing is carried out by automated means.
6.2.6. The right to object means that you can object to the processing of your personal data that we process on the basis of our legal obligation (Article 6(1)(e) of the Regulation) or on the basis of our legitimate interests (Article 6(1)(f) of the Regulation). If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes. In other cases, we will carry out a balancing test to assess whether your interest in privacy outweighs our interest in pursuing our legitimate interests, and we will comply with or reject your objection based on the results of this test.
6.3. You can apply all your rights by contacting us at info@b4l.cz. You can file a complaint with the supervisory authority, which is the Office for Personal Data Protection (www.uoou.cz).
7. Transfer of personal data to a third country outside the EU or to an international organization
7.1. We do not transfer your personal data to any third country outside the EU or to any international organization.
This Privacy Policy is effective as of September 24, 2025.