Volthein Energy | Bateriová úložiště a systémová integrace
Kontaktujte nás
Back to home

Privacy Policy

Last updated: 6 February 2026 · Applies to citizens and legal permanent residents of the European Economic Area.

1. Data Controller

The controller of personal data pursuant to Regulation (EU) 2016/679 (the "GDPR") is:

Volthein s.r.o.
Company ID (IČO): 22462571
Registered office: V parku 2308/8, Chodov, 148 00 Prague, Czech Republic
E-mail: contact@volthein.com

The Controller has not appointed a data protection officer.

2. Scope and Purpose of This Policy

This Privacy Policy governs the processing of personal data carried out via the website https://volthein.com/ (the "Website").

The Website serves exclusively as a business-to-business (B2B) corporate presentation website. It is not intended for consumers or the general public.

This Privacy Policy sets out:

  • the categories of personal data processed;
  • the purposes and legal bases for processing;
  • the recipients of personal data;
  • retention periods;
  • the rights of data subjects.

3. Categories of Data Subjects

The Controller processes personal data relating primarily to:

  • representatives of existing or potential business partners;
  • representatives of potential clients and investors;
  • other business contacts communicating with the Controller via the Website.

The Website and its services are not directed at children or individuals under 18 years of age. The Controller does not knowingly collect personal data from minors.

4. Processing of Personal Data

4.1 Contact Form — Business Inquiries

When you submit an inquiry via the contact form available on the Website, the Controller processes the personal data you provide.

Categories of personal data:

  • Name (optional)
  • E-mail address (mandatory)
  • Message content
  • Attachments (if provided by the data subject)

Purpose of processing:

  • Handling and responding to inquiries
  • Business communication
  • Preparation of commercial offers
  • Conducting pre-contractual negotiations
  • Maintaining records of business contacts

Legal basis:

  • Article 6(1)(b) GDPR — processing necessary for taking steps at the request of the data subject prior to entering into a contract;
  • Article 6(1)(f) GDPR — legitimate interest of the Controller in handling B2B inquiries and maintaining business communication.

Use of CRM system: Inquiry data may be recorded in Smartsheet (paid enterprise version), which the Controller uses as a CRM tool for evidence and systematic management of business inquiries and communication history.

Retention period: Personal data submitted via the contact form are retained for 24 months from the date of the last communication relating to the inquiry, unless a contractual relationship is established or a longer retention period is required by applicable law.

4.2 Cookies and Analytics

The Website uses cookies and similar technologies to ensure functionality, security, and analytics. Tools used: Google Analytics, Google Tag Manager, and Cookiebot. Analytics and non-essential cookies are activated only after explicit consent is granted via the Cookiebot consent banner. Further details are provided in the Cookie Policy.

4.3 Newsletter (Not Active)

The Controller plans to introduce an e-mail newsletter service in the future. At present, no newsletter subscription is available and no personal data are processed for newsletter purposes.

4.4 Careers / Recruitment (Not Active)

The Website currently does not include recruitment features and does not process CVs, application documents, or personal data for recruitment purposes.

5. Recipients and Processors

Personal data are shared solely with necessary contractual processors:

Processor Service Location
Microsoft 365 E-mail communication and cloud storage EU/EEA; potential third-country processing under adequate safeguards
Smartsheet CRM and inquiry management EU/EEA; potential third-country processing under adequate safeguards
Cookiebot Consent management platform EU/EEA
Google LLC Analytics (Google Analytics, Google Tag Manager) EU/EEA; potential third-country processing under adequate safeguards

The Controller does not sell, rent, or otherwise transfer personal data to third parties for marketing or commercial purposes.

6. Transfers Outside the EU / EEA

The Website hosting infrastructure is located within the European Union. Certain processors (e.g. Google LLC, Microsoft Corporation, Smartsheet Inc.) may process personal data outside the EU/EEA, including in the United States. In such cases, transfers are safeguarded by:

  • Standard Contractual Clauses approved by the European Commission (Commission Implementing Decision (EU) 2021/914);
  • EU–US Data Privacy Framework (where applicable and valid);
  • Other legally recognised transfer mechanisms ensuring an adequate level of protection.

7. Data Security

The Controller applies appropriate technical and organisational measures including:

  • Role-based access control and the principle of least privilege;
  • Multi-factor authentication (MFA) where applicable;
  • Encrypted communication channels (HTTPS, TLS);
  • Secured IT and e-mail environments (Microsoft 365 with enterprise-grade security);
  • Regular review and auditing of access rights;
  • Contractual obligations imposed on processors to ensure equivalent data protection standards.

8. Data Subject Rights

Data subjects have the following rights under Articles 15–22 GDPR:

Right Description
Right of access (Art. 15)Obtain confirmation whether personal data are being processed and access to such data
Right to rectification (Art. 16)Request correction of inaccurate or incomplete personal data
Right to erasure (Art. 17)Request deletion of personal data (subject to legal exceptions)
Right to restriction (Art. 18)Request limitation of processing under certain conditions
Right to data portability (Art. 20)Receive personal data in a structured, commonly used format (where technically feasible)
Right to object (Art. 21)Object to processing based on legitimate interests or for direct marketing purposes
Automated decision-making (Art. 22)Not applicable — the Controller does not use automated decision-making or profiling

Requests may be submitted to contact@volthein.com. The Controller will respond within 30 days of receipt.

Right to lodge a complaint: Data subjects have the right to lodge a complaint with a supervisory authority, in particular:

Úřad pro ochranu osobních údajů (Office for Personal Data Protection)
Pplk. Sochora 27, 170 00 Prague 7, Czech Republic
Website: https://www.uoou.cz

9. Withdrawal of Consent

Where processing is based on consent (Article 6(1)(a) GDPR), the data subject has the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. Withdrawal may be submitted to contact@volthein.com.

10. Changes to This Privacy Policy

The Controller reserves the right to amend this Privacy Policy to reflect changes in legal requirements, business practices, or Website functionality. Any material changes will be communicated via the Website. Data subjects are encouraged to review this Privacy Policy periodically.

11. Contact

Volthein s.r.o.
E-mail: contact@volthein.com
Address: V parku 2308/8, Chodov, 148 00 Prague, Czech Republic