Privacy Policy
Principles of Personal Data Processing and Protection
Controller Information
The controller of your personal data is Darteer.ai, s.r.o., registered at Korunní 2569/108, Vinohrady, 101 00 Prague 10, Company ID: 21801142, listed in the Commercial Register maintained by the Municipal Court in Prague under file no. C 405862, established and existing under the laws of the Czech Republic (the “Controller”).
The Controller operates the mobile application Darteer (“Darteer”), which enables its users (“Users”) to perform digital evaluation of dart throws using algorithms and artificial intelligence. In Darteer, the Controller processes and oversees the processing of personal data of you as data subjects.
The Controller processes your personal data and decides how they will be processed, for what purpose, and for how long. The Controller may also select additional personal data processors that assist with processing, listed in these Personal Data Processing Principles.
Exercise of Rights, Contact Details
You may contact the Controller regarding all matters related to personal data processing via email at support@darteer.ai or by post at: Darteer.ai, s.r.o., Korunní 2569/108, Vinohrady, 101 00 Prague 10.
Requests are handled without undue delay, but no later than within one month. In exceptional cases—especially due to complexity—the deadline may be extended by an additional two months. You will be informed of such an extension and the reasons for it in due time.
Statement of the Controller
The Controller declares that, as a controller of Users’ personal data, it meets all legal obligations required by applicable legislation, in particular Act No. 110/2019 Coll., on Personal Data Processing, as amended, and Regulation (EU) 2016/679 (GDPR), and thus:
- will process Users’ personal data only on the basis of a valid legal ground, especially legitimate interest, performance of a contract, legal obligation, or granted consent,
- fulfills the information obligations under Article 13 GDPR prior to commencing personal data processing,
- enables Users to exercise their rights under the Personal Data Processing Act and the GDPR and supports them in doing so.
What Personal Data Are Processed and for What Purpose?
In connection with providing Darteer services, the Controller processes the following personal data:
Identification and Contact Data
The Controller processes primarily nickname, first and last name, and email address, for the purposes of accessing Darteer, creating and managing an account, and ensuring proper provision of Darteer services.
Throw Data
The Controller processes image and telemetry data from your device aimed at the dartboard, from which throw results and statistics are derived.
Payment & Accounting Data
This includes transaction details: what was purchased, transaction date, price. Other payment-related personal data is processed by external platforms such as Google Pay as independent data controllers.
Communication Data
This includes the content of messages exchanged between Users and Darteer, as well as metadata on message sending and delivery.
Darteer Usage Data
This includes device type, OS, orders, and behavior in Darteer. Some data is automatically sent from the user’s device. Logs contain, for security reasons, information about user activity, login duration, and actions performed within the Application.
Legal Grounds for Processing
Providing and Operating Darteer
To create and use an account, all above categories are processed. This also includes sharing your personal data with other users according to your in-app choices. Legal basis: performance of a contract. Data are processed for as long as you use Darteer.
Improving Darteer
Identification data and throw data may be processed to improve functionalities. Data is pseudonymized or anonymized when possible. Legal basis: legitimate interest. Data may be processed during use of Darteer and for 5 years after termination. You may object within the app.
Protection of the Controller’s Legal Interests & Internal Records
All categories may be processed to protect rights, maintain records, enforce claims, or defend against disputes. Legal basis: legitimate interest. Data are kept for the statutory limitation period, usually no longer than 16 years after service provision or account deletion.
Marketing & Brand Promotion
Your data may be used to promote the brand, including offers and updates related to Darteer, without unnecessary interference. Legal basis: legitimate interest or consent. If based on legitimate interest, data is processed while the account exists; you may object at any time. If based on consent, data is processed until you withdraw that consent.
Sources of Personal Data
The Controller processes data obtained from Users when accessing Darteer or through throw tracking. Additional data may be derived from processed data. Some data may also be obtained from other users or partners who provide them as independent controllers or joint controllers, depending on the case.
Data Security and Protection
The Controller protects personal data to the maximum extent using modern technologies. All necessary technical and organizational measures are implemented to prevent misuse, damage, or destruction of personal data, including:
- encryption of data during transmission,
- ensuring confidentiality, integrity, availability, and resilience of systems,
- ensuring recoverability of data after incidents,
- regular testing and assessment of security measures,
- access control and monitoring,
- regular independent backups.
Data Sharing with Third Parties
Access to personal data is granted to employees and contractors bound by confidentiality and trained in data protection.
The Controller uses specialized processors for operations it cannot reliably perform internally. With your consent, your data may also be shared with other Darteer users or other controllers.
Categories of Processors Used
- External accounting firm
- IT support
- Cloud infrastructure and hosting providers
- Authentication service providers
- Analytics and product improvement providers
- Error monitoring and diagnostics providers
- Real-time communication providers
The Controller may add processors in the future with at least equivalent data security.
Data Transfers Outside the EU
Data is processed primarily within the EU or in countries with adequate protection. Equivalent protection is ensured and regularly evaluated. Transfers outside the EU occur only under the European Commission’s Standard Contractual Clauses available at https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc/standard-contractual-clauses-international-transfers_en.
User Rights
You may exercise the following rights via the Controller’s contact details:
- Right to information (fulfilled through this document)
- Right of access, including free copies unless abusive or repeated requests occur
- Right to restriction of processing
- Right to data portability (data provided in structured, commonly used format within 30 days)
- Right to rectification
- Right to erasure (“right to be forgotten”) where processing is no longer lawful, you withdraw consent and no other legal basis applies, you object to processing based on legitimate interest and overriding grounds are not demonstrated (including objections to direct marketing), or in other cases required by law
- Right to withdraw consent at any time
- Right to object to processing based on legitimate interest (always upheld for marketing)
- Right to lodge a complaint with the Czech Data Protection Authority (ÚOOÚ)
Children's Privacy
Darteer is not intended for persons under 16 years of age. The Controller does not knowingly process personal data of persons under 16. If you become aware that a person under 16 has provided personal data to the Controller without parental or guardian consent, please contact us at support@darteer.ai and the data will be deleted without delay.
Effectiveness
These personal data processing and protection principles are effective as of 1 July 2025.