Privacy Policy (GDPR)

Privacy Policy of Nefilm, s.r.o. in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR). The Czech version is the legally binding version — cs/gdpr/.

1. Data Controller

The data controller is Nefilm, s. r. o., registered at Běleč č.ev. 123, 267 27 Liteň, ID: 22542230 (the "Controller"). Contact: info@nefilm.cz.

2. Personal Data We Process

The Controller processes the following categories of personal data:

• Email address (when creating an account)
• Hashed password (never stored in readable form)
• IP address and browser information (on login and service access)
• Film access logs (date, time, email, IP address)

3. Purpose and Legal Basis

Personal data is processed for the purposes of:

• Providing the service (performance of a contract — Art. 6(1)(b) GDPR)
• Account security and fraud prevention (legitimate interest — Art. 6(1)(f) GDPR)
• Compliance with legal obligations (Art. 6(1)(c) GDPR)

4. Retention Period

Personal data is retained for the duration of the user account. Upon account closure, data is anonymised or deleted within 30 days. Access logs are automatically deleted after 90 days.

5. Recipients

Personal data is not shared with third parties except where required by law. The Controller operates its own infrastructure and does not use third-party processors for user data storage.

6. Your Rights

You have the right to access, rectify, or erase your personal data, restrict or object to processing, and data portability. To exercise these rights, contact info@nefilm.cz. You may also lodge a complaint with the Czech Office for Personal Data Protection (www.uoou.cz).

7. Cookies

The site uses only technically necessary cookies (a session cookie for login). No tracking or advertising cookies are used.

8. Security

Passwords are stored exclusively in hashed form (PBKDF2). All communication uses HTTPS. Access is logged to detect unauthorised activity.

9. Changes to This Policy

The Controller reserves the right to update this policy at any time. The current version is always available on this page. This version is effective from 1 June 2026.