We use cookie to store, access and process personal data to give you the best online experience. By clicking Accept Cookie you consent to storing all cookie and ensure best website performance. You can modify cookie preferences or withdraw consent by clicking Cookie Settings. To find out more about cookies and purposes, read our Cookie Policy and Privacy Notice.
1) Introduction
At Cresco Partners s.r.o. (hereinafter “Cresco Partners” or “Company”) we understand the
importance of your privacy and commit to transparency and legality regarding the
processing of your personal data.
We respect your privacy and are committed to protecting your personal data. These
Privacy Policies are designed to help you understand how we collect, use, and share your
personal data and what your rights are under Regulation (EU) 2016/679 of the European
Parliament and of the Council of 27 April 2016 on the protection of natural persons with
regard to the processing of personal data and on the free movement of such data, and
repealing Directive 95/46/EC (General Data Protection Regulation, "GDPR"), Act No.
110/2029 Coll, on Processing of Personal Data (hereinafter as the “Act”), as well as other
applicable laws when visiting our website at https://www.crescopartners.cz.
These Privacy Policies apply to all Cresco Partners interfaces. By using Cresco Partners
services, you agree to the collection, storage, processing, or possibly transferring your
personal data as stated in these Privacy Policies.
2) Data controller
Cresco Partners s.r.o., located at Purkyňova 71/99, 612 00, Brno – Královo Pole, is
registered in the Commercial Register of the Regional Court Brno, insert number: 142282,
ID number: 55 149 065.
Cresco Partners s.r.o. is the operator of the commercial brand "Cresco Partners".
3) Use of data
Cresco Partners will utilize, store, process, and manage your personal data in accordance
with the GDPR and other applicable laws. Your personal data will be processed lawfully,
fairly, and transparently ("lawfulness, fairness, and transparency") within a scope that is
adequate, relevant, and limited to the purposes for which they were obtained ("data
minimization"). Your personal data will be explicitly and specifically collected and
processed only for the purposes for which they were gathered ("purpose limitation"),
while Cresco Partners will only require information necessary in relation to the purposes
for which the data were originally collected. We have implemented processes to ensure
the accuracy ("data accuracy") and adequate security ("integrity and confidentiality") of
personal data. Personal data is not retained in a form that allows identification of the data
subject for longer than necessary for the purposes for which the personal data are
processed ("storage limitation"). Your personal data may be transferred outside of the EEA
(European Economic Area). If such a transfer is carried out, we will ensure that the
transfer is lawful and that appropriate security measures are in place to protect your
personal data, in accordance with applicable regulations.4) Categories of Personal Data
Identification Data
Name, date of birth, nationality, copy of passport/ID card
Contact Details
Service billing document, telephone number, email, proof of address
Professional Information
Employer's name, profession, industry of employment, knowledge and experience
Financial Details
Bank account information, estimated investment amount, gross annual income, net
worth
Tax Details
Tax identification number, tax domicile
Technical Data
IP address
Data Usage
Information about your use of our website, products, and services
Communication Records
Incoming and outgoing communication with us in all forms
The company collects personal data through the following means:
• Direct Interaction We collect identification data, contact details, professional
data, and financial data directly from you through web forms, phone, and email,
among others.
• Automated interaction technologies
5) Purposes and legal basis
Registration
For registration purposes, we process contact and identification data as these are
necessary to fulfil the contract and are also required by legal obligation.
Identification and Verification
For client verification and identification purposes, we process contact, financial, and
demographic data due to legal obligations and the Company's legitimate interests.Provision of Services
To fulfill the contract for the provision of services, we process your contact and financial
information, as well as trading data.
Transaction Processing
We process contact and financial information necessary for the purpose of fulfilling
contract obligations to process transactions.
Compliance
For compliance with legal regulations and statutory requirements, we process
identification, financial, trading, demographic, and communication data, which is a legal
obligation.
Communication
For communication purposes, we process your contact and communication data
important for contract fulfilment and the company's legitimate interests.
Analysis and Service Improvement
For the purpose of service analysis and improvement, we process technical data and
usage information, justified by the company's legitimate interests, such as offering
suitable products, operating websites, and business development.
Promotional, Advertising, and Marketing Services
For promotional, advertising, and marketing services, we process technical and service
usage data, important for the company's legitimate interests, such as business and
product promotion, providing promotional offers related to products of interest, based on
consent to their processing.
Direct Marketing
For direct marketing purposes, we process your contact information obtained based on
your consent.
Top of Form
6) Sharing your data with third parties
Within the use of your personal data for the aforementioned purposes, we may provide
your data to third parties. We require third parties who process or obtain personal data on
our behalf, to fulfil their contractual obligations towards us, to acknowledge the
confidentiality of this data, to commit to respecting the privacy of every individual and to
comply with all applicable personal data protection laws and these Privacy Policies. Wewill never sell or provide your personal data to a third party without a contractual
commitment due to security measures and privacy protection.
Service Providers
The personal data we collect about you may be shared with our third-party service
providers whose services assist us in providing our services. Categories of service
providers to whom we provide personal data include: identity verification services, IT
services, banks and payment processors, credit reference agencies, customer service
providers, and merchants to support service provision.
Advertising Partners
Through our services, we may allow third-party advertising partners to set up tracking
technologies and other tracking tools to collect information about your activities and your
device. We may also combine and share this and other information with third-party
advertising partners. These advertising partners may use (this information) and similar
data collected from other websites for the purpose of delivering targeted advertisements
when you visit third-party websites within their networks.
Disclosure for Rights Protection and Compliance with Authority Requirements
We may access, store, and disclose any information we hold about you to external parties
if, in good faith, we believe it is necessary or appropriate to: comply with law enforcement
or national security requirements and legal processes, such as a court order or subpoena;
protect yours, ours, or others' rights, property, or safety; enforce our policies or contracts;
collect amounts owed to us; or assist in investigating or prosecuting suspected or actual
unlawful activity.
7) Data retention
We retain personal data as specified in these Privacy Policies for as long as you use our
services or as necessary to fulfil the purpose(s) for which it was collected, and as required
by law, such as for audit, tax, accounting, AML/KYC purposes. Retention periods consider
the type of collected information, relevant requirements for the situation, and the need to
destroy outdated, unused information at the earliest appropriate opportunity.
8) Security measures
We have taken all appropriate organizational measures to secure your personal data
(Article 32 GDPR). Additionally, we have provided internal training for our employees.
Employees processing your data are trained to respect customer information
confidentiality and individual privacy. Maintaining the confidentiality of your personal
data is a top priority, and our internal procedures are designed to prevent such situations.
To ensure the confidentiality and protection of your personal data, we employ various
security measures. These measures include, but are not limited to, SSL encryptiontechnologies, PCI scanning for active server protection, cryptographic database
protection, and antivirus software. Personal data is stored in a combination of secure
computer storage, secure servers, and occasionally, when necessary, as paper files. The
company has taken all necessary steps to protect personal data from misuse, loss,
unauthorized access, alteration, or disclosure.
While we make all reasonable efforts to protect your data, you acknowledge that internet
use is not entirely secure, and therefore, we cannot guarantee the security or integrity of
any personal data transmitted from or to you via the internet.
9) Your rights
Right of Access:
You are entitled to access the information we process about you by
contacting info@cresopartners.cz. We will provide a copy of your data upon request.
Identity verification may be required. The first data access request is complimentary, with
a fee possible for additional requests.
Right to Rectification:
If you find inaccuracies in the data we have about you, contact us to make corrections.
Right to Erasure:
If you wish to delete your information, contact us. Note that some data must be retained
due to legal obligations and cannot be deleted during the prescribed period.
Right to Object to Processing:
You may object to the processing of your personal data, and we will halt processing unless
there are compelling reasons to continue.
Right to Data Portability:
You may request the transfer of your personal data to another controller when processing
is based on consent or is necessary for contract performance and done using automated
means.
Right to Restriction of Processing:
You may request us to restrict the purposes for which we process your personal data.
Right to Withdraw Consent:
You have the right to withdraw consent for data processing, and we will cease processing
your data to the extent of the consent provided immediately.
Right to Lodge a Complaint with the Data Protection Authority:You have the right to report any concerns about our processing activities to the National
Data Protection Authority and seek an explanation if we have not provided one in a timely
manner. In the Czech Republic, the authority is the Office for Personal Data Protection,
Pplk. Sochora 27, 170 00 Prague 7, the Czech Republic
Tel: +420 234 665 800; https://uoou.gov.cz
Version No.: v2.0
Last update: 01.09.2025
Last update: 10.09.2025