Terms of Use & Privacy

Last Updated —  14.04.2026

Terms of Use

Thank you for using Ximilar!

Ximilar s.r.o., address: Purkyňova 649/127, 61200 Brno, Czech Republic, reg. number: 06270743, VAT number: CZ06270743 (“Ximilar”, “us”, “we”, or “our”) operates the api.ximilar.com, app.ximilar.com (the “Services”) and demo.ximilar.com (“Demo”) websites. By accessing the Services, you (“User”) are agreeing to be bound by these terms of service, and all applicable laws and regulations, and agree that you are responsible for compliance with any applicable local laws. If you do not agree with any of these terms, you are prohibited from using or accessing this site. The materials contained in this website are protected by applicable copyright and trademark law.

The specific Services provided by us are described in general on Ximilar web: https://www.ximilar.com/services/ and in detail in the user documentation: https://docs.ximilar.com.

Ximilar is a small Czech technology company building narrow, task-specific AI services (image recognition, object detection, visual search) mainly for e-commerce, collectibles, fashion and industrial use cases. We do not operate general foundation models, face-recognition systems, or any social platform.

By purchasing any of our Pricing plans (including the Free Plan), you gain access to your user account, which is identified by your email address and your password (hereinafter referred to as the “User account”). The user account contains an authorization token for communication via API with the provided Services.

Usage and Pricing

The usage of the services is measured as the number of API credits. Every API call (HTTP request) corresponds to a certain number of API credits. The list of operations and their API credit values is available at: https://docs.ximilar.com/quickstart/credits/

Some of the operations can be performed via the graphical web interface at https://app.ximilar.com (for instance uploading Training Data for Image Recognition). The API credits for these operations are considered with the same values as if realized via API.

Ximilar reserves the right to change the API credit values of the individual operations without prior notification.

Ximilar offers several Pricing Plans which determine the types of services available, monthly maximum numbers of API credits and limits for several quantities in different Services (hereinafter referred to as the “Pricing Plans”). Current Pricing Plans and their conditions are available at: https://ximilar.com/pricing.

Ximilar reserves the right to change the types of Pricing plans (including change of the price) with prior notification (at least 30 days) to the users that have adopted respective Pricing plans.

By subscribing to a monthly plan, the user is obliged to pay the monthly fee according to the Pricing Plan chosen by the user. The first payment will be realised on the day of the subscription and all consecutive payments will be realised each month on the same day.

Payments are processed by Stripe, which manages payment data according to the PCI-DSS Level 1 security standard. Ximilar does not store raw payment-card data. Stripe’s privacy policy is available at stripe.com/en-cz/privacy.

The user can cancel their subscription anytime on the Plan setup page (Pricing plan) or contact our team personally and cancel the subscription with them. After the cancellation, the user can use their plan until the end of the monthly period during which the plan was cancelled.

API Terms

Any use of the API (Application Program Interface), including the use of the API through a third-party product that accesses the Service, is bound by these Terms of Service plus the following specific terms:

You expressly understand and agree that we shall not be liable for any direct, indirect, incidental, special, consequential or exemplary damages, including but not limited to, damages for loss of profits, goodwill, use, data or other intangible losses (even if we have been advised of the possibility of such damages), resulting from your use of the API or third-party products that access data via the API.

Abuse or excessively frequent requests to the Service via the API may result in the temporary or permanent suspension of your account’s access to the API. We, in its sole discretion, will determine abuse or excessive usage of the API. We will make a reasonable attempt via email to warn the account owner prior to suspension.

We reserve the right at any time to modify or discontinue, temporarily or permanently, your access to the API (or any part thereof) with or without notice.

Free Plan, Demo and Trial Use

The Free Plan and the Demo at demo.ximilar.com, together with any trial, beta, evaluation, or sandbox features, are provided “AS IS” and “AS AVAILABLE“, without any service-level commitment, availability guarantee, or warranty of any kind. Ximilar may modify, restrict, suspend, or discontinue the Free Plan, Demo or trial features at any time and without notice or liability. The limitations of liability in these Terms apply to all such use; Ximilar’s total aggregate liability in connection with non-paid use is zero to the maximum extent permitted by applicable law.

Visual Content

The user is entitled to upload digital images (hereinafter referred to as the “Content”) which are used by our Services as training data or for search in the Content. The user undertakes not to upload Content that: (i) may create a risk of harm, loss, physical or mental injury, emotional distress, death, disability, disfigurement, or physical or mental illness to the user, to any other person, or to any animal; (ii) may create a risk of any other loss or damage to any person or property; (iii) seeks to harm or exploit children by exposing them to inappropriate content, asking for personally identifiable details or otherwise; (iv) may constitute or contribute to a crime or tort; (v) contains any information or content that Ximilar deem to be unlawful, harmful, abusive, racially or ethnically offensive, defamatory, infringing, invasive of personal privacy or publicity rights, harassing, humiliating to other people (publicly or otherwise), libelous, threatening, profane, or otherwise objectionable; (vi) contains any information or content that is illegal (including, without limitation, the disclosure of insider information under securities law or of another party’s trade secrets); (vii) contains any information or content that you do not have a right to make available under any law or under contractual or fiduciary relationships; or (viii) contains any information or content that you know is not correct and current or (ix) violates any applicable policy, including those related to cheating or ethics. The user further declares that the Content they upload to the Services does not infringe the rights of any third party, including any intellectual property rights or privacy rights. “Intellectual Property Rights” means all patents, copyrights, trademarks, protection of reputation, protection of business secrets and other intellectual property rights that may arise or arise in the future.

The user must not upload Content containing special categories of personal data (Art. 9 GDPR — biometric data processed to identify persons, health data, data revealing race, religion, political opinion, sexual orientation, etc.) unless they have a valid Art. 9(2) legal basis and have notified Ximilar in writing.

Ximilar reserves the right to remove Content violating the above-mentioned statements, according Ximilar’s own discretion. Ximilar is not obliged to monitor and remove the Content.

Ximilar has no responsibility for user Content which the user or any third-party uploads through the user’s User Account into the Services.

By uploading Content, the user gives Ximilar consent to use the Content in a way which is necessary for the operation of the Services – that means access to the Content, displaying and processing of the Content to provide the Service, as well as consent to make changes to the Content to meet the technical requirements of the Services.

Ximilar is not permitted to use the Content in any other way, especially share it with third party, unless the user explicitly allows Ximilar to do it. In particular, Ximilar does not use the user’s Content to train, fine-tune, or evaluate any model offered to other customers or third parties, unless the user gives explicit written permission for a specific purpose.

Images sent only for inference (recognition, similarity, detection, …) are processed in memory to return the result and are not stored.

The recognition models trained by Services “Image Recognition“, “VLM“, and “Object Detection” using users’ Content are available for the user’s exclusive use. The underlying model itself for Image Recognition and Object Detection (its weights, architecture and runtime) is the intellectual property of Ximilar and is not exportable; everything else — Content, labels, annotations, metadata, training datasets, prediction results, VLM models — is fully exportable at any time through our open API at docs.ximilar.com, in line with Regulation (EU) 2023/2854 (Data Act). On termination, Ximilar provides reasonable transition assistance for 30 days.

On request, Ximilar can connect a user account to the user’s own S3-compatible storage bucket in any region; in that case, Content stays in the user’s infrastructure.

Acceptable Use and EU AI Act Compliance

The Services must be used only for lawful purposes and in compliance with applicable laws. Ximilar’s platform is not designed for and must not be used for face recognition, biometric identification, biometric categorisation, or emotion inference. The user must not attempt to use, configure, or retrain the Services to perform any practice prohibited by Article 5 of Regulation (EU) 2024/1689 (“EU AI Act“), in force since 2 February 2025, including:

– (a) subliminal, manipulative, or deceptive techniques materially distorting human behaviour and causing significant harm;
– (b) exploitation of vulnerabilities due to age, disability, or socio-economic situation;
– (c) social scoring of individuals with detrimental effects in unrelated contexts;
– (d) predicting the risk of an individual committing a crime based solely on profiling;
– (e) untargeted scraping of facial images from the internet or CCTV to build or expand facial-recognition databases;
– (f) emotion recognition in workplaces or educational institutions (except narrow medical or safety reasons);
– (g) biometric categorisation inferring race, political opinions, trade-union membership, religion, sexual orientation, or sex life;
– (h) real-time remote biometric identification in publicly accessible spaces for law-enforcement purposes (except as expressly permitted under Art. 5(1)(h)).

The user must also not use the Services to infer, categorise, score, or profile natural persons by any protected characteristic, even where the use would not separately fall under Article 5.

Customer responsibility for use-case classification. Because only the user knows the business context in which the Services are deployed, the user is solely responsible for determining whether their intended use is a “high-risk AI system” under Annex III of the EU AI Act (e.g. biometric ID, employment decisions, critical infrastructure, education, law enforcement, migration, justice). If the use is high-risk, the user is responsible for complying with all obligations of a Provider or Deployer under the AI Act. If the user trains, fine-tunes, retrains, substantially modifies the Services, or deploys an output under their own name in a high-risk context, under Article 25 of the AI Act the user becomes the Provider of that high-risk system, with full Provider obligations. The user must notify Ximilar in writing before such deployment.

Transparency (AI Act Art. 50, applicable from 2 August 2026). Where the user’s deployment interacts with natural persons, generates synthetic image/video/audio (“deepfakes”), or publishes AI-generated text of public interest, the user is responsible as deployer for the corresponding transparency obligations.

Human oversight. For any deployment that could affect individuals’ rights or significant interests, the user must implement meaningful human review of AI outputs (Art. 14 / Art. 26(2) AI Act) and must not rely on the Services as the sole basis for decisions producing legal or similarly significant effects without a lawful basis under Art. 22 GDPR.

Serious incidents (AI Act Art. 73). If the user identifies a serious incident in a system built using the Services, they must notify Ximilar at [email protected] without undue delay and in any event within 24 hours of becoming aware, and cooperate with reasonable investigation requests.

AI literacy (AI Act Art. 4). The user warrants that personnel operating or supervising use of the Services on their behalf have a level of AI literacy appropriate to their role and deployment context.

Technical documentation about the Services — capabilities, limitations, intended purpose, foreseeable misuse — is published at docs.ximilar.com and serves as Instructions for Use under Art. 13 AI Act.

Reporting Illegal Content

Anyone may report allegedly illegal content stored on the Services by emailing [email protected] with (i) the URL or identifier of the content, (ii) why it is allegedly illegal, and (iii) the reporter’s contact details. Ximilar will review notices in line with Article 16 of Regulation (EU) 2022/2065 (Digital Services Act) and act accordingly. Ximilar is not obliged to monitor stored Content proactively (Art. 8 DSA; § 6 of Czech Act 480/2004 Coll.).

Limitation of liability

To the maximum extent permitted by applicable law, in no event shall Ximilar be liable for any indirect, direct, punitive, incidental, special, consequential or exemplary damages, including without limitation damages for loss of profits, goodwill, use, data, business, or other intangible losses, that result from the use of, or inability to use, the Services. Under no circumstances will Ximilar be responsible for any damage, loss or injury resulting from hacking, tampering or other unauthorized access or use of the Services or User account or the information contained therein. Under no circumstances will Ximilar be liable for any damages resulting from using third-party products that access data via the API.

To the maximum extent permitted by applicable law, Ximilar assumes no liability or responsibility for any (i) errors, mistakes, or inaccuracies of content; (ii) personal injury or property damage, of any nature whatsoever, resulting from the user’s access to the Services; (iii) any unauthorized access to or use of the Services and/or any and all personal information stored therein; (iv) any interruption or cessation of transmission to or from the Services; (v) any bugs, viruses, trojan horses, or the like that may be transmitted to or through the Services by any third-party; (vi) any errors or omissions in any content; and/or (vii) user content or the defamatory, offensive, or illegal conduct of any third-party. In no event shall Ximilar be liable to the user for claims, proceedings, liabilities, obligations, damages, losses or costs in an amount exceeding the amount the user paid to Ximilar for the provided Services.

This limitation of liability section applies whether the alleged liability is based on the Agreement, tort, negligence, strict liability, or any other basis, even if Ximilar has been advised of the possibility of such damage.

Ximilar does not provide any warranty on the accuracy of Services, likely results or reliability of the Services.

Nothing in these Terms limits liability for fraud, wilful misconduct, death or personal injury caused by Ximilar’s negligence, or any other liability that cannot be excluded under applicable mandatory law, including any non-excludable liability under the revised EU Product Liability Directive (Directive (EU) 2024/2853, applicable from 9 December 2026). The user remains responsible for the user’s own deployment, integration and intended use of the Services, including their classification under the EU AI Act.

Indemnification

The user agrees to indemnify, defend and hold Ximilar (including its affiliates, directors, employees, and contractors) harmless from and against any third-party claims, liabilities, damages, fines, losses, and reasonable costs (including reasonable legal fees) arising out of or in connection with: (a) the user’s Content; (b) the user’s use of the Services; (c) the user’s breach of these Terms or the Acceptable Use clauses; (d) the user’s violation of any law or third-party right (including intellectual property, privacy, or data-protection rights); or (e) the user’s deployment of the Services in a context that constitutes a high-risk AI system under the EU AI Act without the user complying with the corresponding Provider or Deployer obligations.

Force Majeure

Ximilar is not liable for any failure or delay in performance caused by events beyond its reasonable control, including without limitation acts of God, war, terrorism, civil unrest, government action or sanctions, epidemic or pandemic, natural disaster, fire, flood, strike or labour dispute, internet or telecommunications outage, failure of upstream cloud or infrastructure providers, denial-of-service or other cyber-attack, or any other event of force majeure. Ximilar will use commercially reasonable efforts to resume performance as soon as practicable.

Miscellaneous

Severability. If any provision of these Terms is found by a competent court or arbitrator to be invalid, illegal or unenforceable, that provision will be limited or eliminated to the minimum extent necessary, and the remaining provisions will remain in full force and effect.

Survival. Provisions that by their nature should survive termination — including those relating to ownership and intellectual property, indemnification, limitation of liability, confidentiality, governing law, and dispute resolution — will survive termination of these Terms and of the user’s account.

No assignment. The user may not assign or transfer these Terms or any account or rights under them, in whole or in part, without Ximilar’s prior written consent. Ximilar may assign these Terms to an affiliate or to a successor in connection with a merger, acquisition, reorganisation, or sale of all or substantially all of its assets.

Entire agreement. These Terms (together with the Privacy Policy and any order form or DPA executed between Ximilar and the user) constitute the entire agreement between the parties regarding the Services and supersede all prior understandings, communications, and agreements on that subject.

No waiver. Failure or delay by Ximilar to enforce any provision of these Terms is not a waiver of that or any other provision.

Notices. Notices to the user may be sent to the email address associated with the account; notices to Ximilar must be sent to [email protected].

Accuracy of materials

The materials that appear on Ximilar’s website could include technical, typographical, or photographic errors. Ximilar does not warrant that any of the materials on its website are accurate, complete, or current. Ximilar may make changes to the materials contained on its website at any time without notice. Ximilar does not, however, make any commitment to update the materials.

Terms of Use Modifications

Ximilar may revise these Terms and Conditions of Use at any time without notice; provided that, if we make any material changes to these Terms and Conditions of Use, we will use commercially reasonable efforts to notify you (at least 30 days in advance by email and by updating this page). By continuing to use Ximilar, you are agreeing to be bound by the then-current version of these Terms and Conditions of Use.

If a change in law — including delegated or implementing acts under the EU AI Act, future amendments to Annex III, or binding regulator guidance — reclassifies the Services or imposes new obligations, Ximilar may update these Terms with at least 60 days’ notice.

Governing Law

Any claim relating to Ximilar’s website or Ximilar Services shall be finally settled under the Rules of Arbitration (Vienna Rules) of the Vienna International Arbitral Centre (VIAC) of the Austrian Federal Economic Chamber by one or three arbitrators appointed in accordance with the said Rules. The substantive law applicable to the contractual relationship is Czech law.

Privacy Policy

This page informs you of our policies regarding the collection, use and disclosure of Personal Information when you use our Service.

We will not use or share your information with anyone except as described in this Privacy Policy.

We use your Personal Information for providing and improving the Services. By using the Services, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms of Use (see above).

Ximilar acts as controller for personal data about User account holders and website visitors, and as processor under Article 28 GDPR for personal data contained in Content uploaded by business customers (where the customer is the controller).

Information Collection And Use

While using our Services, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to, your email address, name, company and billing details, account and authentication data, usage telemetry, and support correspondence (“Personal Information”).

The legal bases on which Ximilar relies (Art. 6 GDPR, Purpose – Legal basis):

  1. Providing the Services, account management – (b) performance of contract
  2. Billing, invoicing – (b) contract + (c) legal obligation (Czech Accounting Act 563/1991) 
  3. Security, fraud and abuse prevention – (f) legitimate interest
  4. Product analytics and improvement (aggregated) – (f) legitimate interest
  5. Website analytics (Google Analytics 4, Google Signals disabled) – (a) consent via cookie banner
  6. Marketing to existing business customers – (f) legitimate interest, recital 47 GDPR
  7. Newsletters / prospects – (a) consent
  8. Tax, accounting, AI Act / DSA record-keeping – (c) legal obligation

Ximilar does not process special categories of personal data (Art. 9) as controller and does not perform face recognition.

Data Protection Officer. Ximilar is a small company; the formal DPO role is not mandatory under Art. 37 GDPR. Privacy matters are handled by [email protected].

Data Deletion and Retention

Any user of Ximilar App can request their account deletion via livechat in our App, on our website and demo, or via contact form. When a user requests their account deletion, all their training data and models (tasks), along with their Personal information, will be deleted within 48 hours.

Specific retention periods:

  1. Uploaded training images & annotations – While in user’s account; deleted immediately on user deletion (encrypted backups purged within 30 days)
  2. Inference (prediction) images – Not stored — processed in memory and discarded
  3. Custom-trained models – Deleted with the account, or earlier on request
  4. Account data – Deleted immediately on account deletion (except items required by law)
  5. Invoices and accounting records – 10 years (Czech Accounting Act 563/1991, § 31)
  6. Security and API access logs – 12 months 
  7. Analytics (GA4) – Up to 14 months, then aggregated 
  8. Support correspondence – 3 years after last contact 
  9. Marketing consent records – Until withdrawal + 3 years for proof |

Data Collection

We may also collect information that your browser sends whenever you visit our Service (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages and other statistics.

In addition, we may use third-party services such as Google Analytics 4 (with IP truncation; Google Signals is disabled) and Google Ads to analyse traffic and run advertising. These services run only after the user gives consent via the cookie banner. Google’s policies are at policies.google.com/technologies/partner-sites and google.com/analytics/policies.

Cookies

Cookies are files with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your computer’s hard drive. We use cookies to collect information.

On first visit you will see a cookie banner offering equally prominent Accept all and Reject all buttons, plus a Preferences layer for granular control. Only strictly necessary cookies (session, CSRF, load balancing) are set before you choose. Analytics and advertising cookies are set only after consent. You can withdraw consent any time from the Cookie Settings link in the site footer.

Service Providers

We may employ third-party companies and individuals to facilitate our Services, to provide the Services on our behalf, to perform Service-related services or to assist us in analyzing how our Services are used. These third parties have access to your Personal Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Uploaded images and multimedia are stored in AWS S3, Frankfurt (eu-central-1), European Union, or — at the user’s choice — in the user’s own S3-compatible bucket. Everything else (accounts, metadata, models, logs) is stored on our own servers in datacentres in the Czech Republic. These datacentres are certified ISO 27001, ISO 9001, ISO 14001, ISO 45001, ISO 20000.

Current sub-processors (Sub-processor, purpose, location):

  1. Amazon Web Services EMEA SARL – Image/multimedia storage (S3) – EU (Frankfurt)
  2. Stripe Payments Europe Ltd. Stripe, Inc. – Card payments – Ireland / US (EU-US DPF)
  3. Fakturoid s.r.o. – Invoicing and accounting records – Czech Republic
  4. Make (Celonis s.r.o.) – Automation and integration between internal systems – Czech Republic / EU
  5. Google Ireland Ltd. / Google LLC – Website analytics (GA4), Google Workspace, advertising (Google Ads) – Ireland / US (EU-US DPF)
  6. Postmark (ActiveCampaign, Inc.) – Transactional email delivery – US (EU-US DPF)

Business customers will be notified of new sub-processors at least 30 days before they begin processing their data.

Communications

We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt-out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send.

Your Rights

Under Articles 15–22 GDPR, you have the right to: access the data we hold about you (Art. 15); rectify inaccurate or incomplete data (Art. 16); delete your data, subject to legal retention (Art. 17); restrict processing in certain cases (Art. 18); portability in a structured, machine-readable format where processing is consent- or contract-based and automated (Art. 20); object to processing based on legitimate interests (Art. 21) — objection to direct marketing is absolute; not be subject to solely automated decisions with legal or similarly significant effects (Art. 22); and withdraw consent at any time (Art. 7(3)).

To exercise a right, email [email protected]. We respond within one month (extendable by two months for complex cases) and may need to verify your identity.

You also have the right to lodge a complaint with the Czech Data Protection Authority (Úřad pro ochranu osobních údajů, ÚOOÚ) — uoou.gov.cz — or with the supervisory authority in your EU country of residence.

Security

The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.

We apply appropriate technical and organisational measures under Art. 32 GDPR, including TLS encryption in transit, encryption at rest for image storage, least-privilege access, strong authentication for admin access, network segmentation, vulnerability management, and regular backups. Operational status is published at status.ximilar.com.

If a personal data breach occurs, Ximilar will notify the Czech Data Protection Authority (ÚOOÚ) within 72 hours where the breach is likely to result in risk (Art. 33), notify affected individuals without undue delay where the breach is likely to result in high risk (Art. 34), and notify affected business customers without undue delay (target: within 48 hours) so they can meet their own 72-hour deadline.

International transfer

Your information, including Personal Information, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those from your jurisdiction. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Our primary infrastructure is in the EU. Some sub-processors (notably Google, Stripe) may transfer personal data to the United States. For those transfers we rely on the EU-US Data Privacy Framework (Commission adequacy decision of 10 July 2023) where the recipient is DPF-certified, and/or the 2021 Standard Contractual Clauses (Commission Decision 2021/914) with supplementary safeguards. If the DPF is invalidated we will switch affected transfers to SCCs without delay.

If the user chooses to store Content in their own S3 bucket outside the EEA, the user is responsible for ensuring that transfer is lawful in their jurisdiction.

Processor Terms for Business Customers (Art. 28 GDPR)

When a business customer uploads Content that contains personal data, the customer is the controller and Ximilar is the processor. The following terms apply and serve as a data processing agreement.

– We process Content only on the customer’s documented instructions, i.e. to provide the Services configured in the customer’s account.
– Our staff are bound by confidentiality.
– We apply the security measures described in the Security section.
– We use only the sub-processors listed in the Service Providers section and provide 30 days’ advance notice of changes; the customer may object.
– We assist the customer with data subject requests, security, breach notification, DPIAs, and prior consultation.
– The customer can inspect, export, or delete Content at any time through our open API at docs.ximilar.com.
– On termination we delete Content immediately from active systems (backups: 30-day rolling purge); we will confirm deletion in writing on request.
– For most customers these terms are sufficient. If internal policies or sectoral regulation require a signed standalone DPA, Ximilar provides one on request — write to [email protected].

Links to Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third-party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

Change to this Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page (and, for material changes, by email at least 30 days in advance). You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Single Points of Contact

For all of the following purposes, write to [email protected] (languages: English, Czech). Technical questions: [email protected].

– General questions, privacy, GDPR data-subject requests
– DSA Art. 11 — single point of contact for EU Member State authorities, the European Commission, and the European Board for Digital Services
– DSA Art. 12 — single point of contact for recipients of the Services
– DSA Art. 16 — reports of allegedly illegal content
– EU AI Act — serious-incident reports and authority inquiries
– Standalone DPA requests

Contacting Us

If you have any questions or concerns about our Services, Terms of Use or Privacy Policy, you may contact us at: [email protected] or phone number: +420 606 767 147.