SoT - Scouts of Tech | Tech Scouting & Innovation Intelligence

Why read this? Because we respect your privacy and want you to understand exactly how and why we handle your personal data.

(This policy is drafted to meet EU GDPR 2016/679, UK GDPR, and Czech Act 110/2019 Sb. If you operate outside the EEA/UK, additional local rules may apply.)

1. Who we are — Data Controller

Duc Luan Dam ("SoT", "we", "us")

Reg. No.: 06957315

Registered office: Bochorakova 3074/17, 616 00, Brno, Czech Republic

Email: privacy@scoutsof.tech

2. What data we collect & why

Category	Examples	Purpose	Legal basis (Art. 6)	Retention
Contact data	Name, email, phone	Respond to enquiries, schedule calls	b) Contract or f) Legitimate interest	24 months after last contact
Calendly metadata	Preferred time, IP, user-agent	Book meetings	b) Contract	2 yrs (Calendly default)
Marketing signals	Newsletter opt-in, open/click rates	Send updates	a) Consent	Until withdrawal
Analytics (Plausible)	Pseudonymous page views	Improve UX	f) Legitimate interest	12 months (aggregated)
Server logs	IP, referrer, timestamp	Detect fraud & ensure uptime	c) Legal obligation (art. 32)	30 days

We never knowingly collect special-category data (Art. 9) or data on children < 16.

3. Cookies & tracking

We use a strictly-necessary session cookie for load balancing, plus an optional analytics cookie set by Plausible (EU-hosted, cookieless by default). The cookie banner lets you decline non-essential cookies. See full cookie table in Appendix A.

4. How we share data

Recipient	Purpose	Safeguard
Resend, Inc. (USA)	Transactional email delivery	Standard Contractual Clauses (SCC 2021)
Vercel Inc. (USA/EU region)	Website hosting & Edge Functions	SCC + EU datacentres
Calendly LLC (USA)	Scheduling widget	SCC

We never sell your data.

5. International transfers

When partners sit outside the EEA/UK, we rely on SCCs plus risk assessments. Copies are available on request.

6. Your rights

You may access, rectify, erase, restrict, object, or port your data at any time. Email privacy@scoutsof.tech. We respond within 30 days. If unhappy, lodge a complaint with the Czech DPA (ÚOOÚ) or your local authority.

7. Security measures

TLS 1.3 for transport
OWASP-compliant code reviews
Field-level encryption for PII at rest
Role-based access & MFA for staff

8. Data retention & deletion

We keep personal data only as long as necessary for the purpose collected, then securely delete or anonymise. See table §2.

9. Changes

We may update this notice. Material changes → we'll email you or display a banner.

10. Contact

For privacy questions: privacy@scoutsof.tech

Privacy Policy