Spanish
Portuguese
French
Italian
GermanPrivacy policy
issued by StrategyQuant s.r.o., ID No.: 04000498, with its registered seat at Korunní 2569/108, Vinohrady, 101 00 Prague, Czech Republic, registered in the Commercial Register maintained by the Municipal Court in Prague, file No. C 241239 (hereinafter referred to as “us” or “Controller” or “StrategyQuant”).
We take the protection of your personal data very seriously. This Privacy Policy explains the purposes, legal bases, and ways in which we process your Personal Data. It also sets out your privacy rights and how you can exercise them.
If you have any questions about how we process your Personal Data, please contact us by email at [email protected].
Some Personal Data is necessary for us to perform the purchase agreement; some we process based on our legitimate interests. In other cases, the law requires us to process your data (for example, for accounting). We may engage processors who can access your Personal Data on our behalf. Where required, we will ask for your consent before processing your Personal Data.
To make this Privacy Policy easier to read, we use the following defined terms:
| Agreement | means the contract between you and StrategyQuant that governs your purchase and use of our products and services (including our License and Service Terms), and sets out our and your respective rights and obligations; |
| Customer | an individual who enters into an Agreement with StrategyQuant (or acts on behalf of a business customer), creates a user account, purchases licenses/credits, downloads or uses our software, accesses the Platform or AI Features, or otherwise uses our paid or trial Services; |
| CCPA | means California Consumer Privacy Act of 2018; |
| Data Subject | any natural person whose Personal Data we process; |
| EEA | means European Economic Area; |
| GDPR | Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data; |
| Job Applicant | an individual who applies for a position with StrategyQuant, participates in our recruitment process, or otherwise provides Personal Data in connection with potential employment or contracting; |
| Personal Data | means any information relating to an identified or identifiable natural person; |
| Platform | means the online interfaces operated by StrategyQuant through which you create and manage your account, purchase licenses/credits, download software, access AI features, and receive related services; |
| Processing | means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage,
adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction; |
| Processor | any natural or legal person that processes Personal Data on StrategyQuant’s behalf and under our documented instructions, based on a data processing agreement; |
| Service | means the products and services provided by StrategyQuant, including our downloadable software, the Platform, AI Features, Support, Data Services, and Courses; |
| Special Categories of Personal Data | means data that are more sensitive by nature and warrant enhanced protection, for example, information revealing your racial or ethnic origin, sexual orientation, trade union membership, health data, or religious or philosophical beliefs. It also includes genetic and biometric data when processed for the purpose of uniquely identifying a natural person.
We do not process this category of Personal Data; |
| User | a natural person to whom Personal Data relate; most often this involves Website Visitors, Customers or Job Applicants, also referred to as “you”; |
| Website Visitor | any individual who visits, browses, or interacts with our websites, forums or publicly available pages. |
1. HOW WE APPROACH THE PROCESSING OF PERSONAL DATA
Your privacy is a priority. We only request the Personal Data that are necessary to provide the Services, and we process them in line with GDPR standards.
If you entrust us with your data, we will handle it in accordance with the applicable data protection laws that apply to you. Our Processing of Personal Data may adapt to specific legal requirements in the countries of processing; however, the GDPR is our minimum standard in all cases. Your rights in relation to Personal Data are described below.
2. OUR ROLE IN RELATION TO PERSONAL DATA
Depending on the context, StrategyQuant may act as a Controller or a Processor.
When does this Privacy Policy apply? These Privacy Policy terms apply when StrategyQuant acts as a Controller, unless we explicitly state otherwise. They cover the Processing of Personal Data of Users. They do not govern situations where we process Personal Data as a Processor on someone else’s instructions.
- StrategyQuant as Controller
We act as a Controller in relation to Personal Data that we collect and decide how to use, in particular:
- Customers using our downloadable software, the Platform, Support, Data Services or Courses (e.g., account data, billing contact, usage logs necessary for security and troubleshooting).
- Website Visitors to our public websites and pages (e.g., analytics, cookies – subject to consent where required).
- Job Applicants participating in our recruitment.
A list of categories of data, purposes and legal bases is provided below in this Policy.
Our Processors. To deliver our services efficiently, we engage Processors (e.g., cloud hosting, email delivery, analytics, support tools). We have data processing agreements in place and require appropriate security and confidentiality. Our current processors are listed in Section 5.
- StrategyQuant as Processor
In some scenarios we process Personal Data on behalf of another controller, following their documented instruction, for example:
- Where a purchase is made through FastSpring, FastSpring is typically the Controller for the checkout and billing relationship. To the extent StrategyQuant receives Personal Data from FastSpring solely to fulfill license delivery/activation or provide support linked to that purchase, StrategyQuant acts as Processor to FastSpring for that data and processes it under their instructions and our data processing terms with FastSpring.
- If you enter Personal Data into a user account or elsewhere for which you are the administrator, we are the processor of this personal data.
Where we act as a Processor, we may engage Subprocessors in accordance with the applicable DPA. Access to Personal Data is limited and governed by contractual and technical safeguards.
3. WHAT PERSONAL DATA DO WE PROCESS ABOUT YOU?
How do we process Personal Data? We process your Personal Data only to the extent necessary to achieve the purpose for which the data was collected, and we observe technical and organizational security rules during processing. The Personal Data processing process is automated, but we do not conduct profiling.
Special Categories of Personal Data. We do not process any Personal Data of a sensitive nature about you.
Processing of Personal Data by AI. In the context of processing Personal Data, we also use artificial intelligence (AI) in justified cases. However, we do not use it for automated decision-making or profiling within the meaning of the GDPR (in particular Article 22). All processing of Personal Data is subject to human decision-making, AI itself does not make any decisions about you. We use artificial intelligence primarily for the provision of HR Services, especially for research and optimization, and we also use it for our internal HR.
4. SUMMARY OF REASONS AND PURPOSES FOR PROCESSING YOUR PERSONAL DATA
We understand that it can sometimes be difficult for you to navigate through the amount of text explaining how and why we process your Personal Data. To provide you with basic information about the processing of your Personal Data quickly and clearly, we have summarized everything in this clear table:
| Why? | What Personal Data? | Which Users? | How long? |
| Website Visit. Ensuring basic functions of our website, analytics, improving our services and our promotion. Preferences can be set in the cookie bar. | Pseudonymized identifiers of registered users, IP address. | Website Visitors | The processing duration varies according to individual cookie types. Some process data only for the duration of the session (visit), others for a longer period. |
| Sending an Inquiry and Communication. We process Personal Data based on consent to handle the inquiry, or we have a legitimate interest, or we are fulfilling a legal obligation. | Name, surname, e-mail, other Personal Data you communicate to us. | Users who contact us via the form on our website, or contact us directly via e-mail listed on the website. | Closed inquiries are regularly deleted, but no later than 4 years after your inquiry. If the inquiry or communication is from a client who has a User Account or purchased software as a Service, the communication is retained for the entire term of the Agreement and 4 years after its termination. |
| Community Forum. To enable discussion between Users, asking questions, and sharing know-how. We process data based on your consent (by posting) or legitimate interest in building a community. | Username (nickname), profile picture, and the content of your posts or comments. | Users who contribute to the forum. | We process the posts for the duration of the forum’s operation or until you request their deletion or delete them yourself. |
| Sending Commercial Communications (direct marketing). If you are our Customer (we have a legitimate interest) or have subscribed (consent granted), we will send you a newsletter. | Name, surname and e-mail. | Users who have subscribed to our newsletter and/or our Customers. | Data is processed for 2 years from the last active viewing of the newsletter, unless you unsubscribe sooner. |
| Comments on Social Networks. You can also write to us on our social networks. We process your Personal Data based on consent. | Name, surname, username, Personal Data published by you. | Users who publish a post on our social network profile. | We leave your comments on the post for as long as it is published on our profile. |
| User Account. If you create a user account, we process your Personal Data on the legal basis of performance of the Agreement in order to create and manage your account, provide access to our Platform and Services, and fulfill our contractual obligations. | Data filled in during login, specifically your e-mail and password. You can fill in other Personal Data within the user account, such as name and surname. | Users who have set up a user account. | We process your data for this purpose for the duration of the user account’s existence and subsequently for 4 years after the end of the Agreement. |
| Provision of Service. We process your Personal Data for the purpose of performance of the Agreement. | Data filled in during registration or in the Agreement, especially your e-mail and other contact details (see above) and possibly billing details. | Users using the Services. | Data is processed for the duration of the Agreement and subsequently for 4 years after the end of the Agreement. |
| Webinars. As part of our Services, you can sign up for one of our webinars or courses. We will process your data due to performance of the Agreement. | E-mail, name, and surname. You may communicate some Personal Data to us during the webinar. Please note that we may make video recordings of some of these events. | Users who sign up for a webinar or course we organize. | Data is processed for 6 months from the webinar or course. |
| Recruitment. You can find current vacancies on our website. | Data you provide to us in the submitted CV. Name and surname, address, date of birth, phone number, e-mail address, potentially a link to a social network, data on former employment, education, interests, skills, certifications. | Job Applicants who apply for a position with StrategyQuant or send us their CV. | Based on legitimate interest, we may keep Personal Data of Job Applicants for 4 years. The reason is the possibility that we may have an interesting job offer for you later. |
| Accounting. We keep accounts for the purpose of fulfilling legal obligations. | Personal Data on the invoice – name, surname, e-mail address, billing address, or other identification of the Customer and performance under the Agreement. | Customers who purchase Services. | We have a legal obligation to archive or keep the relevant document; the period depends on what the law requires (specifically 5 to 10 years for accounting and tax documents). |
| Compliance with Legal Obligations. In certain cases, we must process your Personal Data to fulfill obligations established by law. | Specifically, this may involve name, surname, e-mail address, billing details, or other identification of the Data Subject. | Users whose Personal Data we are obliged to process based on relevant legal regulations. | We process your Personal Data for the period established by relevant legal regulations. |
5. WHO ARE OUR PROCESSORS?
Processors. We use only verified Processors with whom we have concluded a written agreement, and who provide us with at least the same guarantees as we provide to you. The data that Processors may process, including the purpose and legal title for processing, have been listed above.
| Website Operation, Hosting & Infrastructure | AWS, Kinsta, Cloudways, PlanetScale, Hetzner, Coolhousing |
| Payments & Order Processing | FastSpring |
| Customer Support & Communication | LADesk, Dante.AI, Featurebase |
| Email Services & Newsletters | SmartEmailing |
| Accounting | Altaxo Accounting |
| Analytics & Performance | Google Analytics, Facebook |
| Social Networks & Content | Facebook, LinkedIn, YouTube |
| Recruitment | jobs.cz, Startupjobs, LinkedIn |
Legal Obligations. In addition to the Processors listed above, we may transfer Personal Data to third parties if required by law or in response to lawful requests by public authorities or upon court request in legal disputes.
Processing outside the EEA. If data is transferred from the EEA to other countries, we ensure a high standard of Personal Data protection through standard contractual clauses approved by the European Commission, or equivalent standard contractual clauses for the United Kingdom, for transfers to countries that are not subject to an adequacy decision by the European Commission or your local legislator
6. WHAT MEASURES HAVE WE TAKEN TO PROTECT YOUR PERSONAL DATA?
Our Users can influence the scope of processing within the provision of Services through their own settings through Platform in the user account.
Technical measures. Security is very important to us, and therefore we continuously work to ensure your Personal Data is protected. When choosing measures, we take into account the scope of processing, the risk of processing, or the state of our technology.
- We regularly back up data;
- We encrypt data using SSL/TLS for all data transmission;
- We use the secured HTTPS protocol;
- Our data on servers is encrypted.
Organizational measures. We have adopted and commit to maintaining the following measures:
- Our employees are bound by confidentiality;
- Our employees are properly trained and also regularly re-trained regarding GDPR and familiarized with the rules of safe work on work devices;
- Access to all systems, including the information system, is personalized and protected by secure passwords.
7. YOUR RIGHTS AND POSSIBILITY TO SUBMIT A REQUEST REGARDING PERSONAL DATA PROTECTION
You can exercise your rights at the e-mail [email protected].
How quickly will we handle your request? We will answer you no later than within one month. If providing information would jeopardize the privacy of other persons, or if providing it would be disproportionate to the risks or costs of providing it, it is possible that we will not be able to comply with your request. To handle your request as soon as possible, we may need to verify your identity. In the case of a repeated request, the Controller will be entitled to charge a reasonable fee for a copy of Personal Data.
| Right of access | You have the right to information about the purposes of processing, categories of Personal Data, recipients to whom they are disclosed, and the processing period. You have the right to know if any right has already been exercised. A prerequisite is also that the rights and freedoms of other persons will not be adversely affected. |
| Right to rectification | You have the right to request the correction of inaccurate Personal Data. You can correct some data in your user profile. |
| Right to erasure | If there is no other reason to continue processing this data, we will delete or anonymize the data requested by you. |
| Right to restriction of processing | Please contact us if you believe we are processing data incorrectly. Whether it concerns the reasons for processing or its scope. |
| Right to notification of rectification, erasure, or restriction | In the event that you contact us with a request, we will inform you of the result. Sometimes it may happen that we cannot comply. |
| Right to portability | We will provide your Personal Data, which you provided to us in a structured and machine-readable format, to another controller upon your request. |
| Right to object | For direct marketing, we will stop processing immediately. For other interests, in the event that your objection is justified, we will stop processing the Personal Data and take further necessary steps. |
| Right to withdraw consent | If you have changed your mind, please let us know. Processing concerning marketing and business purposes can be revoked at any time. |
| Automated individual decision-making including profiling | Do you not want a computer to decide about you? We respect your right, therefore we do not conduct profiling. We provide Services, and thus your Personal Data may be processed automatically. |
8. INTERNATIONAL PROVISION OF SERVICES
If we use Processors who are based abroad, we ensure that we comply with the requirements of the relevant legislation. In particular, where there are transfers of data from the EEA to other countries, we ensure a high standard of protection for Personal Data through standard contractual clauses approved by the European Commission, or the equivalent standard contractual clause for the United Kingdom (UK General Data Protection Regulation (UK GDPR)), for transfers to countries that are not subject to an adequacy decision by the European Commission or your local legislator.
We follow the standards of the GDPR and the protection of Personal Data is very important to us. We also provide our Services outside of the EEA market, so your rights related to the protection of Personal Data depend on the applicable legislation that applies to you.
CALIFORNIA CONSUMER PRIVACY ACT
If you are a California resident or resident of other states of the United States of America, you are subject to the CCPA legislation and have the right to know how we process your data.
What data do we process? In order to provide our Service to you, we need your data. What personal data this is and for what purpose we process it is set out above. We may retain this personal data for as long as needed for the purposes for which it was collected, and only for the necessary period. This will depend on our business, legal and regulatory needs, but it will always be for a reasonable period of time.
| What are your rights? | The CCPA guarantees you the following rights. |
| Right to information | You have the right to request information about what Personal Data we collect, use, disclose, share, and sell about you, where we obtained it from and for what purpose we process it. |
| Right to erasure | You have the right to request that we delete your Personal Data and require our Processors to do the same. We will delete your data unless we have a legal obligation to retain your data or one of the other exceptions applies. |
| Right to refuse sale or sharing | You have the right to refuse to allow us to sell your data. As we share personal data with our Processors, this operation may be considered a sale of personal data under the CCPA. |
| Right to rectification | You have the right to request the correction of inaccurate personal data. You can correct certain data in your user account. |
| Right to restrict the use and disclosure of sensitive personal information | You may request that we use your sensitive data (birth number, bank account information, etc.) only for the purpose of providing you with services. |
| Prohibition of discrimination | You have the right not to be subjected to discriminatory treatment as a result of exercising your rights. |
How can you exercise your rights? You can exercise your rights by email at [email protected] or by post at our registered office.
We may require verification of your identity in order to process your request, depending on the nature of the right you are exercising. If a representative is exercising rights on your behalf, we will need to see proof of their authority to do so. We will also require your representative to identify themselves. We take these steps to ensure the highest possible standard of protection of your Personal Data.
9. CONCLUSION
These Personal Data Processing Principles can only be changed in writing. You will be informed about this through our website. Therefore, please check these principles regularly. By continuing to use the Services, you agree to the changes in these principles.
If you are not satisfied, you can always submit a suggestion or complaint to the office address according to the country you come from. Below are the contacts for the offices in the countries from which most of our Users come:
- Czech Office for Personal Data Protection, with its registered office at Pplk. Sochora 727/27, 170 00 Prague 7 – Holešovice, Czechia (more at www.uoou.cz),
- Spanish Data Protection Agency (AEPD), with its registered office at Jorge Juan, 6, 28001 Madrid, Spain (more at www.aepd.es),
- Italian Data Protection Authority (Garante), with its registered office at Piazza Venezia 11 – 00187 Roma, Italy (more at www.garanteprivacy.it),
- Germany Federal Commissioner for Data Protection and Freedom of Information (BfDI), with its registered office at Graurheindorfer Str. 153, 53117 Bonn, Germany (more at www.bfdi.bund.de)
- or to another personal data protection authority located in the place of your habitual residence.
These Personal Data Protection Principles are effective from 16 Match 2026.