Principles of personal data processing

The company Digiskills s.r.o. operates the online microlearning educational portal (hereinafter referred to as the "portal"). This portal serves mainly as an application to learn about digital skills and associated areas.

We want you to be as well informed as possible about which of your personal data we process and how we handle it. That is why we have elaborated this document for you.

Our identity as the administrator

The administrator of your personal data is the company Digiskills s.r.o. based at Národní 416/37, 110 00 Praha 1, IČ: 05883075 DIČ: CZ05883075.

All requests concerning the provision of information or the processing of personal data can be directed to the authorized person, Milan Kinský:

Information we collect about you, its legal basis and purpose

We collect the following information about you from the moment you register on the portal:

  1. Name
  2. Surname
  3. Email
  4. Password
  5. Registration date and time
  6. Date and time of the last activity on the portal
  7. Content preferences
  8. User type
  9. Profile picture
  10. Membership in the organization
  11. Role in the organization
  12. Team membership in the organization
  13. What microlearning video you play
  14. What microlearning video you complete
  15. What microlearning video you have saved for later
  16. What terms you search for
  17. What activities you have as completed in the online course
  18. If and for how long you have paid (+ history)
  19. Whether you have an active session
  20. Billing information
  21. Telephone number
  22. Course evaluation
  23. Smartphone operating system type
  24. The size of your organization
  25. Set up e-mail subscriptions with new courses

Unless otherwise specified, personal data are processed on the basis of Art. 6, letter b) GDPR due to the performance of the contract (You have ordered a paid or free service and we are to provide it according to the contract), Art. 6, letter f) GDPR due to legitimate interest (where we have the opportunity to inform you about similar services that you have already ordered from us) and due to the fulfilment of obligations under Art. 6, letter c) GDPR (when we are obliged to keep, for example, invoices, etc. for control purposes due to the fulfilment of obligations towards public authorities).

Data required for registration and login

Data needed for registration includes

  • name
  • surname
  • email
  • and password.

We need your name and surname for us to be able to identify you on the portal and so that we know you are a real person. You also appear under your name and surname, for example, in the case of activity comparison charts (e.g., within a company).

The email and password serve as access data to the portal. You wouldn't be able to sign in without them.

Portal activity data

Data about your activity on the portal includes

  • date and time of registration
  • date and time of the last activity
  • Whether you have an active session

We store the date and time of your registration so that we know since when you are a registered user and when our contractual relationship begins to run.

We save the date and time of your last activity, first of all, so that we know how active you are in the education process and to help you improve it if necessary, and at second, so that we know you have gone off our portal and you are no longer interested in education, so we can remove you from our mailing list of newsletters, etc.

We store information about the active session for two reasons. The first reason is so that you do not have to log in every time you enter our site. We can recognize you by the active session and log you into your account immediately.

Entry questionnaire

After registering, we ask you the following information about you in the form of a questionnaire:

  • What size of a company do you work in?
  • What is your job position?
  • What operating system do you use in your mobile phone?

This data allows us to prepare the content better so that you do not have to wade through hundreds of courses and look for what you are interested in.


Profile picture

We allow users to upload their own profile photo. This is displayed inside the web application at your profile. Its upload is completely optional. Your photo is only used to make the inside of the application look better; we do not use it in any other way.

You can delete the profile photo from your profile at any time, indicating that you have removed your consent to its processing.

Data about organizations

An organization is a summary of accounts on a portal, where all accounts fall under just such an organization. Organizations are usually companies that subscribe to content with us.

If you are a member of the organization, we store the following information about you:

  • Membership in the organization
  • Role in the organization
  • Team membership in the organization

We need to know your organization's membership in order to provide you with access to paid content. The subscription is processed at the level of the organization itself, and even though you, as an individual, do not have a subscription,

your membership in the organization with a valid subscription entitles you to access paid content.

We need to know your role in the organization in order to allow you to perform specific operations on the portal accordingly. We distinguish 3 roles: Manager, Analyst and Member.

The member is a regular employee who has access to training and his\her own statistics.

The analyst can see the same content as a member and, in addition, has access to more detailed statistics of the organization's members recorded in a given team.

The manager has the same rights as the member and the analyst, but in addition he\she can add new people to the organization, change their roles, create teams and assign members to them, modify the training plan.

We need to know team membership in an organization in order to be able to filter only specific data for organization analysts that they need to see. You can think of the team as the equivalent of a company department. For example, if you are a member of the HR department, you only want to see the statistics of your HR colleagues, not the statistics of your IT colleagues. And that's what teams are for.

Content activity

This area includes information related to what content you watch and search for on the portal. Specifically, it is the following information:

  • What video you play
  • What video you finish
  • What video you have saved for later
  • What activities of an online course you complete
  • What terms you search for

We archive videos you run and complete so that we can provide you with your statistics in order for you to be able to track your personal development. Based on what you play, we also segment what content you are interested in so that we can recommend you further the most relevant courses.

We store information about videos saved later, mainly for you - you decide which course you save for later. We store this information and then visually mark these courses on the portal. At the same time, you can easily filter them with one click.

We store your searched terms in order to improve our content. We are far from covering all areas that may be of interest to you. And if a searched term that often appears in the search happens to be the one, we do not have a training course for yet, it is a signal for us to prepare such a course. At the same time, it allows us to better index our courses so that they can be easily traced.

Order and payment data

If you decide to order access (subscription) to paid content, we store the following information about you.

  1. If and for how long you have paid (+ history)
  2. Billing information
  3. Telephone number

We need information on whether or not you have paid for a simple reason - so that we can unlock access to the courses for you. We keep track of your order history so that you have a good overview and we can provide you with a downloadable invoice at any time.

We keep track of your billing information so that we can issue you a valid invoice for your order. At the same time, it is more convenient for you - you only need to fill it in once and the portal will remember it in the future.

At the same time, we store invoicing data due to the obligation to archive them in case of inspection from the tax office.

We keep record of your telephone number in order to resolve any problem related to your order as soon as possible. We use the phone number as the primary contact in case of a problem. We do not use your phone number for marketing purposes.

Course evaluation

If you decide to evaluate our training courses, we will save this evaluation. We use it as feedback to our content and also display it as information for other users who choose to open the training course to see how the course is rated by other users of the portal.

Newsletter information

We send regular email newsletters to registered users. Because we aim to make our content delivery as relevant as possible, we store some information about you to help us deliver the most relevant content. It is the following information:

  • The type of operating system of your smartphone
  • Company size
  • Work position

We store the type of operating system of your smartphone in order to know whether we should send you courses with applications on the Android or iOS platform.

The size of the company help us find out what types of tools are relevant to you and what work processes we can expect.

We track your work position in order to be able to recommend you more relevant content (such as public webinars).

Newsletters are discussed in detail in a separate chapter later in the document.

Your incoming emails

Your incoming emails are divided into 3 main types of emails:

  • necessary transactional emails
  • switchable transaction emails
  • newsletters

Necessary transaction emails

The necessary transactional emails are those emails that contain information necessary for your account to function.

Examples of necessary transaction emails are, for example, emails with a link to reset the password, emails with a link confirming a valid email during registration, emails announcing a change in business terms and conditions, etc.

These emails cannot be turned off because without them you would not be able to use your account or you could experience a breach of contract without them. These emails never contain any business messages.

Switchable transaction emails

Switchable transaction emails are emails that are sent to you automatically based on your behaviour within the portal.

Examples of switchable transaction emails are emails with an overview of your watched videos statistics for the selected period, emails in case of your longer inactivity, emails with a request for course evaluation or feedback, etc.

You can disable all these emails. We always guarantee at least the possibility to completely disable all switchable transaction emails at once. We intend to introduce the option to disable only some types of switchable transaction emails.

Switchable transaction emails are all enabled by default. You can disable them in the settings in your profile inside the portal. You can also get to this page by clicking on a link available in any email of this type.

These transactional emails usually do not have the nature of a commercial message, but this is not always the rule, especially due to different understandings of the term commercial message.


Newsletters are emails that are usually not sent to you automatically based on your behaviour in the portal and, if so, they require a special opt-in (for example, entering an email address in a pop-up window granting a free course voucher, etc.).

We distinguish four types of newsletters:

  • course tips
  • regular newsletter
  • other newsletters
  • newsletters with a special opt-in

Course tips. Such a newsletter usually contains a link to a single video, which is only available to paying users by default. However, thanks to the newsletter, you can watch it even if you do not have a paid account.

We send regular newsletter once in 14 days. In the regular newsletter, we summarize the latest content from our blog.

Other newsletters are irregular newsletters, which we send out on the occasion of various interesting events on the topic of digital innovations, etc. The content of these newsletters is variable. Likewise, due to their nature, the time of shipment.

We send you the first three types of newsletters based on your registration. Unsubscribing from these newsletters is possible at each of the emails footer. By unsubscribing from one newsletter, you are automatically unsubscribed from all 3 types of the newsletters at once. We may also unsubscribe you if you request it at

Newsletters with a special opt-in require you to enter your email in the text box and subscribe to it. If this special opt-in also says that we will include you in our newsletter mailing list, it means that we will be sending you the other three types of newsletters as well. However, this does not apply if you have already unsubscribed from these newsletters in the past. Such unsubscription is permanent and we can only reverse it if you personally request it.

All types of newsletters have the nature of a business message.

We use a third-party Ecomail service to send automated email communication.

The universal opt-out option for all emails

To unsubscribe from all email communication, you can send an email to Upon your request, we will unsubscribe you from all email communications except for the necessary transactional emails.

If you do not wish to receive even the necessary transaction emails, we would need to delete your account completely.

Provision of data to third parties

In particular, for the use of our company's marketing tools and applications, we provide your personal data to third parties as little as possible. However, this does not mean that we would sell or misuse your data. The way to simply understand this is for instance the situation where we will upload your emails to the Ecomail email tool, so that we can send you newsletters with interesting content.

The third parties that process your personal information that we provide to them are:

We make sure that all third-party services that handle your personal information adhere to the GDPR. We make sure that these third parties are proven and, if possible, used globally.

Under no circumstances do we provide your data to third parties without authorization and resell it.

Technical and organizational measures

We will process personal data manually in physical form and electronically, including automatic processing. In accordance with the GDPR, we will take all technical and organizational measures to ensure the protection of personal data and to exclude the possibility of unauthorized or accidental access to, modification, destruction or loss of personal data, unauthorized transfers, their other unauthorized processing, as well as other misuse of personal data - for example, storage of personal data in secure areas and electronically on secure servers, regular security backups, access data security, various levels of authorizations of employees, electronic security, anti-virus protection, security guidelines, internal regulations, encryption. We will keep these measures in place throughout our cooperation.

We will entrust the processing of personal data only to selected employees, which we will inform about the obligations under the GDPR and the obligation of confidentiality.

Time of storage of personal data

We will process your personal data only for the time necessary to fulfil the purpose of processing, i.e., for the period of operation of the portal, but always until your profile is deleted (whether on your own or our initiative). The maximum period for which we store this data is 3 years since your last activity. In the event of a legitimate interest in a potential litigation, we retain your personal data for a maximum of five years (in the event of an ongoing dispute until it is fully settled). This only applies to that kind of personal data we need to process during this time. We always delete unnecessary personal data no later than 3 years after the last activity. Once there are no legitimate reasons for processing your personal information, we will safely remove it.

What are your rights and how to exercise them

The right to have access to information and the right to its protection

Whenever you want in the future, you can send us a message to our e-mail address podpora@digiskills.czrequesting a confirmation of whether or not your personal data is being processed. In the event that your data is processed by us, we may, at your request, in addition to the information provided in the Terms and Conditions and this Privacy Policy, inform you of any third parties to whom your personal data has been or will be disclosed. In case we have not obtained your personal data from you, you have the right to access all information available to us about where we obtained your personal information from.

If we process your personal data about you inaccurately, you can alert us about this fact by sending a message to the email address , we will then correct inaccurate personal data without undue delay.

You can edit some of your personal data in your profile on the website or in our newsletter yourself. In the event that you would like to provide us with some additional personal data that you have not previously done so, and this personal data is necessary to ensure the services we provide, you only need to fill it in again in the appropriate place.

The right to object to the processing of personal data

You have the right to object to the processing of your personal data by sending a message to the email address If you file such an objection, we will not be able to process your personal data until we have established what legitimate reasons we have to process your data and that our reason outweighs your interests, your rights and freedoms, or the exercise or defence of legal claims.

The right to restrict work with personal data

You have the right to limit any processing of your personal data, including their deletion:

a) If you let us know that the personal data we obtained is inaccurate, until our accuracy is verified.

b) If the processing of your personal data is illegal and instead of deleting you request a restriction of its use by sending a message to the email address

c) If we no longer need your personal data to provide our services, but you will request it to determine, enforce or defend your legal claims.

d) If you object to data processing under paragraph above, until we have verified that our reasons for processing outweigh your interests.

The right to be forgotten (right to have your personal data erased)

In case you find out that we are processing your personal data:

a) Although their processing is no longer necessary for the purposes for which we obtained them.

b) Even if you withdraw your consent to their processing and at the same time there will be no other reason for their processing (of course only in cases where we process your personal data on the basis of your consent).

c) If you object in accordance with the paragraph above and we will not be able to prove to you our legitimate reasons for processing your data, which would outweigh your interests, your rights and freedoms or the exercise or defence of legal claims.

d) Without authorization.

You have the right to have your personal data deleted by us without undue delay from notifying us of such facts by sending a message to the email address However, we may not, even at your request, delete your personal data if it is necessary for the exercise of the right to freedom of expression and information, for the fulfilment of any of our legal obligations or for a task performed in the public interest, or for the determination, exercise or defence of our legal rights.

The right to access your personal data in machine - readable form

If you send us a message to the email address, requesting us to provide you with the personal data we process, we will send it to you in a structured commonly used and machine-readable format (e.g., * .pdf format, or one of the spreadsheet formats). If you ask us to send your personal data to another data administrator, we are obliged to do so.

The right to ask us to stop sending business messages at any time

In the event that you no longer wish to receive our business messages, you can inform us of your objections at any time without giving reasons either by clicking on the marked link that will be part of each business message, or by sending a message to the email

The right to file a complaint with the Office for Personal Data Protection

In the event that, in your opinion, we do not fulfil all our legal obligations arising in connection with the processing of your personal data, you can contact the Office for Personal Data Protection, either at the address of their registered office, Lt. Col. Sochora 27, Prague 7, postal code 170 00, by email, or in any other way that the Office for Personal Data Protection will accept. More information about the office can be found on the website

Processing of personal data on the basis of the administrator's authorization

If you are part of an organization and that organization purchases a product from us and also provides us with your personal data so that you can have your own access to our portal, we act as a processor of your personal data and we take the provision of personal data by the organization as an authorization to their processing. In the absence of a separate agreement regarding the processing of your personal data, these Principles apply to our processing of personal data (in particular this Article and, mutatis mutandis, all other provisions of this Policy).

The legal basis and purpose of the processing of personal data provided in this way is Art. 6, letter b) GDPR, that is the performance of the contract, Art. 6, letter c) the fulfilment of obligations of our company and Art. 6, letter f) GDPR legitimate interest as set out above. The processing of personal data by us takes place only on the basis of the organization's instructions as administrator and always in accordance with the GDPR.

During the processing of personal data, we undertake to comply with technical and organizational measures that ensure a sufficient level of security of this personal data.

We further undertake to provide, at the request of the organization as administrator, information and documents to demonstrate that our personal data processing activities are in accordance with the GDPR.

All our people are bound by a duty of confidentiality with regard to all information provided. We do not provide data to third parties, except for the use of the above tools such as Ecomail, etc.

Our company undertakes to provide the organization as administrator with cooperation in data subjects' requests, during inspections of the Office for Personal Data Protection and other activities in accordance with the GDPR, and also undertakes to report any case of personal data breach without undue delay.

Máte vše!

If you want to ask anything, don't hesitate to call or write