1. Data Controller
1.1 The data controller is the company:
J&E Limited s.r.o.,
se sídlem: Plzeňská 3352/156, Smíchov, 150 00 Praha 5,
IČO: 243 26 445,
zapsaná v obchodním rejstříku pod sp. zn.: C 439434, vedená u Městského soudu v Praze
(hereinafter the “Controller”).
1.2 Should the User have any questions regarding the processing of personal data, they may contact the Controller at the following email address:
1.3. The Controller has not appointed a Data Protection Officer. All questions relating to personal data protection must be directed to the contact details provided in Article 1.2.
2. Categories of Personal Data Processed
2.1 The Controller processes personal data provided by the User in connection with the use of the Service, in particular:
a) identification data – name and surname, or username (nickname),
b) contact data – email address or phone number,
c) service usage data – in particular information on the rental of the powerbank, the duration of its use and the amounts charged,
d) technical and operational data – information relating to the use of the Service’s web interface and identification of the station from which the powerbank was rented,
e) payment data – data on completed transactions and pre-authorisations, processed by the Supplier and payment service providers.
2.2 The Controller does not process data on the precise location of the User (e.g. GPS data). Location data is limited solely to identification of the place (station) where the Service was used.
3. Purposes and Legal Bases of Processing
3.1 Personal data is processed for the following purposes:
a) Provision of the Service (including registration, conclusion and performance of the contract)
Legal basis: performance of a contract pursuant to Article 6(1)(b) GDPR
b) Ensuring payments and operation of the Service
Legal basis: performance of a contract and the legitimate interest of the Controller in the proper functioning of the Service
c) Protection of the Controller’s rights and prevention of misuse (including in particular handling of non-return of devices, complaints and potential disputes)
Legal basis: legitimate interest of the Controller pursuant to Article 6(1)(f) GDPR
d) Maintenance of accounting records and compliance with legal obligations
Legal basis: compliance with a legal obligation pursuant to Article 6(1)(c) GDPR
4. Recipients of Personal Data
4.1 Personal data may be made accessible to third parties involved in the provision of the Service (the Supplier, business partners, accounting service providers, etc.).
4.2 In particular, this refers to the technology supplier responsible for operating the web interface, managing user accounts and providing the payment interface (the “Supplier”).
4.3 The Supplier processes personal data on the basis of a contractual relationship with the Controller and has adopted appropriate technical and organisational measures for the protection of that data.
4.4 In connection with the processing of payments, personal data may also be made accessible to payment service providers (e.g. payment gateway providers, banks, Apple Pay, Google Pay), who act as independent data controllers in respect of such processing.
4.5 Personal data may further be made accessible to public authorities where required by applicable law.
5. Retention Periods for Personal Data
5.1 Personal data is retained for the period necessary for the fulfilment of the purposes for which it was collected.
5.2 Data processed for the purpose of performance of a contract is retained for the duration of the contractual relationship and thereafter for the period necessary to protect the Controller’s rights, generally for a period of 3 years from the termination of that relationship.
5.3 Data processed for the purpose of compliance with legal obligations (in particular accounting and tax obligations) is retained for the period prescribed by the relevant legislation, generally for a period of 10 years.
5.4 Operational and technical data may be retained for the period necessary to ensure the security and functionality of the Service.
5.5 Payment transaction data is retained in accordance with the applicable accounting and legal obligations referred to in Article 5.3. Detailed payment data, including card data, is processed and retained exclusively by the Supplier and payment service providers, who act as independent data controllers in respect of such processing.
6. Rights of Data Subjects
6.1 The User has the right to:
a) access their personal data,
b) rectification of inaccurate or incomplete data,
c) erasure of personal data where it is no longer necessary for the purposes for which it was processed,
d) restriction of processing,
e) data portability,
f) object to processing based on legitimate interest.
6.2 The User may exercise their rights using the contact details provided in Article 1.2.
6.3 If the User believes that their rights in the area of personal data protection have been infringed, they have the right to lodge a complaint with the supervisory authority, which is the Office for Personal Data Protection (Útřad pro ochranu osobních údajů), accessible at www.uoou.cz.
7. Security of Personal Data
7.1 The Controller has implemented appropriate technical and organisational measures to protect personal data against unauthorised access, loss or misuse.
7.2 Personal data is processed through secured systems and access to it is restricted to authorised persons only.
8. Final Provisions
8.1 These privacy policy principles may be updated by the Controller on an ongoing basis.
8.2 The current version is always available within the Service’s web interface.
8.3 These principles take effect on 08.05.2026.
This is an English translation of the original Czech language Privacy Policy. In the event of any discrepancy between this translation and the Czech original, the Czech original shall prevail.
COPYRIGHT © 2026 J&E Limited s.r.o. - ALL RIGHTS RESERVED