1. IDENTITY & SCOPE
This Privacy Policy (the "Protocol") governs the processing of personal data by RENTSTAG AG & CO S.R.O., with its registered office in Prague, Czech Republic, and all its affiliated companies, subsidiaries, and operating partners (collectively, the "Group" or "Rentstag"). We operate under a strict Data-First architecture. We treat data privacy not merely as a compliance requirement, but as a core component of our operational integrity. This Protocol applies to all digital interactions, investor relations, and acquisition processes facilitated through our ecosystem.
2. DATA COLLECTION ARCHITECTURE
We collect and process data strictly necessary for our operational mandates:
Professional Identity Data: Names, corporate affiliations, professional contact details, and verification documents required for due diligence (KYC/AML).
Technical Logs: Server-side interaction metrics, IP addresses, and timestamp data necessary to ensure system security and computational stability.
Strategic Correspondence: Data contained in communications regarding potential acquisitions, partnerships, or asset optimization strategies.
3. PURPOSE OF PROCESSING (LEGAL BASIS)
Pursuant to the General Data Protection Regulation (EU) 2016/679 ("GDPR"), we process data based on:
Contractual Necessity: For the execution of NDAs, LOIs, and management agreements.
Legitimate Interest: To maintain the security of our infrastructure, prevent fraud, and conduct internal algorithmic benchmarking.
Legal Obligation: Compliance with Czech and EU reporting standards, tax laws, and anti-money laundering directives.
4. DATA SOVEREIGNTY & SHARING
Rentstag operates as a unified roll-up entity. Data may be shared strictly within the Group and with:
Affiliated Entities: For the purpose of centralized portfolio management and administrative efficiency.
Verified Service Providers: Legal counsels, auditors, and IT infrastructure providers bound by strict Data Processing Agreements (DPA).
We do not monetize personal data. We do not sell, lease, or trade data to third parties for marketing purposes.
5. COOKIE EXEMPTION & ZERO-TRACKING ARCHITECTURE
Rentstag maintains a strict Zero-Tracking Policy. We do not utilize third-party analytics, behavioral profiling, advertising pixels (e.g., Google Ads, Meta Pixel), or commercial tracking scripts.
Exemption from Consent (No Banner Required)
Our digital infrastructure utilizes strictly necessary technical storage (cookies/local storage) solely for the purpose of carrying out the transmission of a communication and ensuring the functional integrity of the interface. Pursuant to Article 5(3) of the ePrivacy Directive (2002/58/EC) and its implementation under Section 89(3) of the Electronic Communications Act (CZ), these technical operations are exempt from the requirement of user consent.
Scope of Technical Storage:
Security Tokens: To prevent Cross-Site Request Forgery (CSRF).
Load Balancing: To ensure computational stability across server nodes.
Session State: To maintain user context during active navigation.
Consequently, no "Cookie Consent Banner" is deployed, as no non-essential data processing occurs.
6. DATA RETENTION & SECURITY
We employ enterprise-grade encryption and access control protocols. Data is retained only for the duration mandated by applicable commercial laws (e.g., archiving periods for tax documents) or for the limitation periods of potential legal claims.
7. RIGHTS OF THE DATA SUBJECT
Under GDPR, you maintain the right to:
- Request access to your personal data.
- Request correction or erasure of data ("Right to be Forgotten").
- Object to processing based on legitimate interest.
- Lodge a complaint with the Supervisory Authority (Úřad pro ochranu osobních údajů - ÚOOÚ).
8. CONTACT & DATA COMPLIANCE OFFICE
For all privacy-related inquiries, clarifications regarding our Zero-Tracking Architecture, or to exercise your rights under GDPR, contact:
