Privacy Policy

Soukromá pediatrická a nutriční ambulance Dr.David s.r.o.

• Address: Podolská 1485/10a, 147 00 Prague 4 – Podolí, Czech Republic
• Company ID (IČO): 21492581
• Healthcare ID (IČZ): 04311000
• E-mail: info@drdavid.cz
• Phone: +420 731 675 211

Contact form data: name, e-mail address, and the content of the message you send us.

Technical data: when you visit the website, our processors (see below) process standard technical data such as IP address, browser type, visit timestamps, and page content. This data is used to ensure operation, security, and abuse protection.

This website does not use any analytics or marketing cookies and does not track you across sites.

• Handling contact form enquiries – Art. 6(1)(b) GDPR (pre-contractual measures / legitimate interest).
• Protecting the form against abuse (CAPTCHA) – Art. 6(1)(f) GDPR (legitimate interest in security).
• Displaying the map with the clinic location – Art. 6(1)(f) GDPR (legitimate interest in informing patients).
• Website operation and security (hosting, CDN, database) – Art. 6(1)(f) GDPR (legitimate interest).

Processing of medical records of clinic patients is not governed by this policy – it takes place outside this website under specific regulations (notably Czech Act No. 372/2011 Coll. on health services).

We cooperate with the following processors to operate the website:

• Vercel Inc. – website hosting.
• Neon, LLC (a Databricks company) – database in the EU region (AWS Frankfurt).
• Cloudflare, Inc. – CDN for images and documents (domain amuninnicdn.cz, R2 storage).
• Cloudflare Turnstile – contact form spam protection, a privacy-friendly alternative to reCAPTCHA.
• Resend (operated by Plus Five Five, Inc.) – sending e-mail messages from the contact form.
• Google LLC / Google Ireland Ltd. – Google Maps (clinic location) and Google Fonts (DM Sans typeface).
• Google Places API – loading the clinic's public rating from Google Maps.

Some processors (Vercel, Resend, Google, Cloudflare) may process data outside the EU. In such cases, the transfer is secured by EU Standard Contractual Clauses or another appropriate instrument under Art. 46 GDPR.

• Contact form messages are retained for the time necessary to handle the enquiry, no longer than 12 months unless the communication implies a need for longer retention.
• Operational logs of processors (e.g. Vercel, Cloudflare) are retained according to their own policies, typically for several days to weeks.

Under the GDPR you have the right to:

• access your personal data,
• rectification of inaccurate data,
• erasure ("right to be forgotten"),
• restriction of processing,
• data portability,
• object to processing based on legitimate interest,
• withdraw consent (where processing is based on consent),
• lodge a complaint with the Czech Office for Personal Data Protection (uoou.cz), Pplk. Sochora 27, 170 00 Prague 7.

You can exercise your rights by e-mailing info@drdavid.cz.

This website uses only technical cookies and similar mechanisms necessary for proper operation (e.g. Cloudflare Turnstile spam protection, map loading). These cookies do not require consent. We do not store any analytics or marketing cookies.

We may update this policy. The current version is always available on this page.